Aggregator

CVE-2025-5600 | TOTOLINK EX1200T 4.1.2cu.5232_B20210713 /cgi-bin/cstecgi.cgi setLanguageCfg LangType stack-based overflow

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument LangType leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2025-5600. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-5599 | PHPGurukul Student Result Management System 1.3 /editmyexp.php emp1ctc sql injection

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability classified as critical was found in PHPGurukul Student Result Management System 1.3. This vulnerability affects unknown code of the file /editmyexp.php. The manipulation of the argument emp1ctc leads to sql injection. This vulnerability was named CVE-2025-5599. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-47728 | Delta Electronics CNCSoft-G2 2.0.0.5/2.1.0.4/2.1.0.10/2.1.0.20 File out-of-bounds write (PCSA-2025-00007 / EUVD-2025-16854)

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability classified as critical has been found in Delta Electronics CNCSoft-G2 2.0.0.5/2.1.0.4/2.1.0.10/2.1.0.20. This affects an unknown part of the component File Handler. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2025-47728. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-13967 | ABB EIBPORT V3 KNX/EIBPORT V3 KNX GSM up to 3.9.8 Integrated Web Server session fixiation (EUVD-2024-54646)

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability was found in ABB EIBPORT V3 KNX and EIBPORT V3 KNX GSM up to 3.9.8. It has been rated as critical. Affected by this issue is some unknown functionality of the component Integrated Web Server. The manipulation leads to session fixiation. This vulnerability is handled as CVE-2024-13967. The attack may be launched remotely. There is no exploit available.
vuldb.com

Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks

The Hackers News
9 months 4 weeks ago
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens, once again demonstrating the variety of supply chain threats lurking in open-source ecosystems. The findings come from multiple reports published by Checkmarx,
The Hacker News

CVE-2018-25112 | Phoenix Contact ILC 131/ILC 151/ILC 171/ILC 191 ETH IEC 61131 Program allocation of resources (VDE-2018-012 / EUVD-2018-21599)

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability was found in Phoenix Contact ILC 131, ILC 151, ILC 171 and ILC 191 ETH. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component IEC 61131 Program. The manipulation leads to allocation of resources. This vulnerability is known as CVE-2018-25112. The attack can be launched remotely. There is no exploit available.
vuldb.com

专题·网安人才评价体系 | 实战为基,评价为尺——网络安全人才能力体系的创新与发展

中国信息安全
9 months 4 weeks ago
我国网络安全人才领域正面临着供需失衡、能力错配等诸多困境,传统评价模式已难以适应快速演进的威胁形势和产业发展需求。构建科学、规范、实战导向的人才评价体系,既是破解人才结构性矛盾的关键,更是提升我国在全球网络安全治理中影响力的战略支点。

Managed ad