Aggregator

CVE-2024-44201 | Apple iOS/iPadOS File denial of service (WID-SEC-2024-3692)

Vuldb Updates
1 month 1 week ago
A vulnerability, which was classified as problematic, has been found in Apple iOS and iPadOS. Affected by this issue is some unknown functionality of the component File Handler. The manipulation leads to denial of service. This vulnerability is documented as CVE-2024-44201. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-9610 | code-projects Online Event Judging System 1.0 /create_account.php fname sql injection (EUVD-2025-26170)

Vuldb Updates
1 month 1 week ago
A vulnerability marked as critical has been reported in code-projects Online Event Judging System 1.0. This issue affects some unknown processing of the file /create_account.php. This manipulation of the argument fname causes sql injection. This vulnerability is tracked as CVE-2025-9610. The attack is possible to be carried out remotely. Moreover, an exploit is present. Other parameters might be affected as well.
vuldb.com

-7.1%!网络安全行业二季度营收继续萎缩

表图
1 month 1 week ago
2025 年第二季度,21 家网络安全上市公司合计营收 60.7 亿元,同比下降 7.1%,行业已连续八个季度负增长。下游需求依旧疲弱,毛利率和现金流等指标未见改善。要扭转局面,行业亟需通过并购与整合加速出清低效产能,提升整体效率。

CVE-2025-34522 | Arcserve Unified Data Protection up to 10.1 heap-based overflow (EUVD-2025-26165)

Vuldb Updates
1 month 1 week ago
A vulnerability was found in Arcserve Unified Data Protection up to 10.1. It has been declared as critical. Impacted is an unknown function. Such manipulation leads to heap-based buffer overflow. This vulnerability is documented as CVE-2025-34522. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-34523 | Arcserve Unified Data Protection up to 10.1 heap-based overflow (EUVD-2025-26166)

Vuldb Updates
1 month 1 week ago
A vulnerability was found in Arcserve Unified Data Protection up to 10.1. It has been rated as critical. The affected element is an unknown function. Performing manipulation results in heap-based buffer overflow. This vulnerability is reported as CVE-2025-34523. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.
vuldb.com

CVE-2025-9578 | Acronis Cyber Protect Cloud Agent up to 40733 on Windows permission assignment (EUVD-2025-26058 / WID-SEC-2025-1924)

Vuldb Updates
1 month 1 week ago
A vulnerability labeled as critical has been found in Acronis Cyber Protect Cloud Agent up to 40733 on Windows. This affects an unknown function. Such manipulation leads to incorrect permission assignment. This vulnerability is listed as CVE-2025-9578. The attack must be carried out locally. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2024-13342 | Booster for WooCommerce Plugin up to 7.2.4 on WordPress Double Extension add_files_to_order unrestricted upload (EUVD-2024-54930)

Vuldb Updates
1 month 1 week ago
A vulnerability described as critical has been identified in Booster for WooCommerce Plugin up to 7.2.4 on WordPress. The affected element is the function add_files_to_order of the component Double Extension Handler. Executing manipulation can lead to unrestricted upload. The identification of this vulnerability is CVE-2024-13342. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2025-9217 | Slider Revolution Plugin up to 6.7.36 on WordPress used_svg/used_images path traversal (EUVD-2025-26172)

Vuldb Updates
1 month 1 week ago
A vulnerability classified as critical has been found in Slider Revolution Plugin up to 6.7.36 on WordPress. The impacted element is an unknown function. The manipulation of the argument used_svg/used_images leads to path traversal. This vulnerability is referenced as CVE-2025-9217. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com

Google Confirms Potential Compromise of All Salesloft Drift Customer Authentication Tokens

Cyber Security News
1 month 1 week ago

Google has confirmed that a security breach involving the Salesloft Drift platform is more extensive than initially reported, potentially compromising all authentication tokens connected to the service. The new findings from the Google Threat Intelligence Group (GTIG) indicate that the incident, previously thought to be limited to Salesforce integrations, affects all third-party applications connected to […]

The post Google Confirms Potential Compromise of All Salesloft Drift Customer Authentication Tokens appeared first on Cyber Security News.

Guru Baran

Critical Hikvision Vulnerabilities Allow Remote Command Injection

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
1 month 1 week ago

On August 28, 2025, the Hikvision Security Response Center (HSRC) issued Security Advisory SN No. HSRC-202508-01, detailing three critical vulnerabilities affecting various HikCentral products. Collectively assigned CVE identifiers CVE-2025-39245, CVE-2025-39246, and CVE-2025-39247, these vulnerabilities range in severity from moderate to high and could enable attackers to execute unauthorized commands, escalate privileges, or obtain administrative access. […]

The post Critical Hikvision Vulnerabilities Allow Remote Command Injection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Mayura Kathir

INC

Dark Feed IO
1 month 1 week ago

You must login to view this content

cohenido

INC

Dark Feed IO
1 month 1 week ago

You must login to view this content

cohenido

Managed ad