Aggregator

A vulnerability, which was classified as very critical, has been found in Apple Mac OS X up to 10.4.2. Affected by this issue is some unknown functionality of the component Networking. The manipulation leads to improper resource management. This vulnerability is handled as CVE-2007-4689. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in tcpdump 3.9.6. This affects an unknown part of the file print-bgp.c of the component BGP Dissector. The manipulation leads to numeric error. This vulnerability is uniquely identified as CVE-2007-3798. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to disable the affected component.

A vulnerability, which was classified as critical, has been found in Skyvern up to 0.1.85. This issue affects some unknown processing of the file sdk/workflow/models/block.py of the component Jinja Handler. The manipulation leads to improper neutralization of special elements used in a template engine. The identification of this vulnerability is CVE-2025-49619. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Systemic Risk Value up to 2.8.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /RiskValue/GroupingEntities/Controls/GetFile.aspx?ID=. The manipulation of the argument ID leads to improper access controls. This vulnerability is handled as CVE-2025-26138. Access to the local network is required for this attack. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Safe App 3.0.9. This issue affects some unknown processing. The manipulation leads to improper restriction of excessive authentication attempts. The identification of this vulnerability is CVE-2025-25595. The attack can only be done within the local network. There is no exploit available.

A vulnerability classified as critical was found in Forvia Hella HELLA Driving Recorder DR 820. This vulnerability affects unknown code of the component Pairing. The manipulation leads to improper authentication. This vulnerability was named CVE-2025-30114. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in Forvia Hella HELLA Driving Recorder DR 820 on Android. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to hard-coded credentials. This vulnerability is known as CVE-2025-30113. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Forvia Hella HELLA Driving Recorder DR 820. This issue affects some unknown processing of the component SSID Handler. The manipulation leads to use of default credentials. The identification of this vulnerability is CVE-2025-30115. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in ROADCAM X3 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to use of default credentials. This vulnerability is handled as CVE-2025-30122. The attack needs to be approached within the local network. There is no exploit available.

SP 2025 论文 cycle 2的论文清单补上

A vulnerability has been found in Cynox Cyphor 0.19 and classified as critical. Affected by this vulnerability is an unknown functionality of the file show.php. The manipulation of the argument ID leads to sql injection. This vulnerability is known as CVE-2005-3575. The attack can be launched remotely. Furthermore, there is an exploit available.

Как нейросеть решает сложнейшие задачи и выигрывает.

Two malicious packages have been discovered in the npm JavaScript package index, which masquerades as useful utilities but, in reality, are destructive data wipers that delete entire application directories. [...]

A vulnerability was found in Microsoft Internet Explorer 6/7/8 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2011-1999. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Bannersky BSK PDF Manager 1.3.2. It has been classified as critical. Affected is an unknown function of the component Dashboard. The manipulation of the argument pdfid leads to sql injection. This vulnerability is traded as CVE-2014-4944. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

根据质量大小，天文学家将黑洞分为三种，分别是恒星质量黑洞（约为太阳质量的 5-50 倍）、超大质量黑洞（质量为太阳的数百万到数十亿倍），以及介于两者之间的中等质量黑洞。虽然科学家认为中等质量黑洞应该存在，但对于它们的起源或特征知之甚少，因此它们被认为是黑洞演化过程中罕见失落的环节。近期天文学家终于取得了中等质量黑洞存在的新证据。这项研究由美国 Vanderbilt 大学所领导的研究团队重新分析了来自激光干涉引力波天文台（LIGO）与 Virgo 干涉仪过去侦测到的黑洞合并事件。研究指出，这些合并后的黑洞，其质量落在太阳的 100 到 300 倍之间，正好落在中等质量黑洞的理论范围内。这项分析结果提供了至今最有力的观测证据，支持中等质量黑洞的存在。研究人员表示虽然这项新分析报告的黑洞质量仍属推测，但可以为了解照亮我们宇宙的第一批恒星打开了一扇前所未有的窗口。研究成果即将发表于《Astrophysical Journal Letters》期刊上。