Aggregator

A vulnerability was found in Progress MOVEit Automation up to 2024.0.0. It has been rated as problematic. This issue affects some unknown processing of the component Configuration Export Handler. The manipulation leads to risky cryptographic algorithm. The identification of this vulnerability is CVE-2024-4563. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Silverpeas Core 6.3. It has been classified as problematic. This affects the function ClipboardSessionController. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-29392. It is possible to initiate the attack remotely. There is no exploit available.

Rather than simply exposing buried truths of the assassination, the final tranche of JFK files also exposed the personal information, including social security numbers, of a parade of people associated with the decades-long investigation, many of whom are still alive today.

The post JFK and the Houthis: Haste Makes Waste of Security  appeared first on Security Boulevard.

A vulnerability has been found in tileserver-gl up to 4.4.10 and classified as problematic. This vulnerability affects unknown code of the file /data/v3/?key. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-35627. The attack can be initiated remotely. There is no exploit available.

新闻速览 •《工业和信息化领域人工智能安全治理标准体系建设指南（2025）（征求意见稿）》公开征求意见 •英国 […]

Submit #520604 / VDB-301889

OPKSSH (OpenPubkey SSH) makes it easy to authenticate to servers over SSH using OpenID Connect (OIDC), allowing developers to ditch manually configured SSH keys in favor of identity provider-based access. By tightly integrating with identity providers (IdPs) and avoiding any additional trusted third party, OPKSSH offers a streamlined and secure way to manage SSH authentication. This week, OPKSSH was officially open-sourced under the umbrella of the OpenPubkey project. While OpenPubkey itself became a Linux Foundation … More →

The post Cloudflare open sources OPKSSH to bring Single Sign-On to SSH appeared first on Help Net Security.

As the latest adaptation of Snow White hits theaters with lukewarm reception, the absence of streaming options on platforms like Disney+ has led many viewers to seek pirated versions online. This trend is not new; every major movie release without a digital option becomes a prime opportunity for attackers to exploit users eager to watch […]

The post Malicious Snow White Movie Download Targets Viewers with New Malware appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Калифорнийские юристы выиграли многомиллионный иск против оператора мобильной связи.

A PhaaS platform, dubbed 'Morphing Meerkat,' uses DNS MX records to spoof over 100 brands and steal credentials, according to Infoblox Threat Intel

本篇文章将以系统演化为起点，深入揭示用户在Android中为何“身份注定暴露”。

本篇文章将以系统演化为起点，深入揭示用户在Android中为何“身份注定暴露”。

本篇文章将以系统演化为起点，深入揭示用户在Android中为何“身份注定暴露”。

本篇文章将以系统演化为起点，深入揭示用户在Android中为何“身份注定暴露”。

本篇文章将以系统演化为起点，深入揭示用户在Android中为何“身份注定暴露”。

本篇文章将以系统演化为起点，深入揭示用户在Android中为何“身份注定暴露”。

本篇文章将以系统演化为起点，深入揭示用户在Android中为何“身份注定暴露”。

A vulnerability classified as problematic was found in ClipperCMS 1.3.3. This vulnerability affects unknown code of the file /assets/files. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2018-19135. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in HDF5 up to 1.14.6. This vulnerability affects the function H5F__accum_free of the file src/H5Faccum.c. The manipulation of the argument overlap_size leads to heap-based buffer overflow. This vulnerability was named CVE-2025-2915. Attacking locally is a requirement. Furthermore, there is an exploit available.