Aggregator

CVE-2025-5597 | WF Steuerungstechnik airleader MASTER 3.00571 improper authentication (msec-2025-003 / EUVD-2025-16865)

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability was found in WF Steuerungstechnik airleader MASTER 3.00571. It has been declared as very critical. This vulnerability affects unknown code. The manipulation leads to improper authentication. This vulnerability was named CVE-2025-5597. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-5640 | PX4-Autopilot 1.12.3 TRAJECTORY_REPRESENTATION_WAYPOINTS Message mavlink_receiver.cpp stack-based overflow (Issue 24915)

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability was found in PX4-Autopilot 1.12.3. It has been classified as problematic. This affects the function MavlinkReceiver::handle_message_trajectory_representation_waypoints of the file mavlink_receiver.cpp of the component TRAJECTORY_REPRESENTATION_WAYPOINTS Message Handler. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-5640. Local access is required to approach this attack. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5639 | PHPGurukul Notice Board System 1.0 /forgot-password.php email sql injection

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability was found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /forgot-password.php. The manipulation of the argument email leads to sql injection. This vulnerability is handled as CVE-2025-5639. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5638 | PHPGurukul Notice Board System 1.0 /admin-profile.php mobilenumber sql injection

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability has been found in PHPGurukul Notice Board System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin-profile.php. The manipulation of the argument mobilenumber leads to sql injection. This vulnerability is known as CVE-2025-5638. The attack can be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.
vuldb.com

35,000 Internet-Connected Solar Power Systems Vulnerable to Cyberattacks

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
9 months 4 weeks ago

Forescout Research Vedere Labs has uncovered that nearly 35,000 solar power devices, including inverters, data loggers, and gateways from 42 vendors, are exposed on the internet with vulnerable management interfaces. Identified using the Shodan search engine, these devices represent a critical cybersecurity risk to global power grids, especially as renewable energy sources like solar power […]

The post 35,000 Internet-Connected Solar Power Systems Vulnerable to Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2025-5633 | code-projects/anirbandutta9 Content Management System/News-Buzz 1.0 /admin/users.php delete sql injection

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability was found in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/users.php. The manipulation of the argument delete leads to sql injection. This vulnerability is handled as CVE-2025-5633. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad