Aggregator

A vulnerability was found in needyamin Library Card System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file signup.php of the component Registration Page. The manipulation of the argument firstname/lastname/email/borrow/user_address leads to cross site scripting. This vulnerability is known as CVE-2025-0844. The attack can be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability was found in needyamin Library Card System 1.0. It has been classified as critical. Affected is an unknown function of the file admindashboard.php of the component Admin Panel. The manipulation of the argument email/password leads to sql injection. This vulnerability is traded as CVE-2025-0843. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in needyamin Library Card System 1.0 and classified as critical. This issue affects some unknown processing of the file admin.php of the component Login. The manipulation of the argument email/password leads to sql injection. The identification of this vulnerability is CVE-2025-0842. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #485558 / VDB-294001

Submit #485553 / VDB-294000

Submit #485540 / VDB-293999

A vulnerability has been found in Aridius XYZ up to 20240927 on OpenCart and classified as critical. This vulnerability affects the function loadMore of the component News. The manipulation leads to deserialization. This vulnerability was named CVE-2025-0841. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

The most recent update for Windows 11 24H2, identified as KB5050009, has caused various kinds of technical issues for users, affecting critical functionalities like audio, Bluetooth, USB devices, and webcams. Released earlier this month, the update was intended to enhance system stability and introduce new features but has instead left many users grappling with broken […]

The post Windows 11 24H2 Update Breaks Web camera, Audio, & USB appeared first on Cyber Security News.

A ransomware attack on a large healthcare network in Maryland has forced officials to shut off IT s

Submit #485445 / VDB-293998

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-0840. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Submit #485255 / VDB-293997

The state-sponsored threat actors are increasingly exploiting Google’s AI-powered assistant, Gemini, to enhance their cyber operations.  While generative AI tools like Gemini hold immense potential for innovation and productivity, their misuse by advanced persistent threat (APT) groups and information operations (IO) actors underscores the dual-use nature of such technologies. Google’s Threat Intelligence Group (GTIG) has […]

The post State-sponsored Actors Abusing Gemini to Fuel Cyber Attacks appeared first on Cyber Security News.

A vulnerability, which was classified as problematic, has been found in MIT Kerberos 5 1.7. Affected by this issue is some unknown functionality of the file kadmind of the component Incremental Propagation. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2025-24528. The attack needs to be done within the local network. There is no exploit available.

Home > Apple Intelligence, Mac administration, macOS, Management Profiles > Managing Apple I

Researchers have uncovered two critical vulnerabilities in Apple’s custom silicon chips, dubbed SLAP (Speculative Load Address Prediction) and FLOP (False Load Output Predictions).  These flaws, found in Apple’s A- and M-series processors, expose sensitive user data such as credit card details, location history, and even private email content to potential attackers.  The vulnerabilities affect a […]

The post Apple Chips Vulnerability Exposes Credit Cards & Location History to Hackers appeared first on Cyber Security News.