Aggregator

CVE-2011-10016 | RealNetworks Netzip Classic 7.5.1.86 ZIP File Parser stack-based overflow (EUVD-2011-5243 / EDB-16083)

1 month 2 weeks ago

A vulnerability, which was classified as critical, has been found in RealNetworks Netzip Classic 7.5.1.86. Affected by this issue is some unknown functionality of the component ZIP File Parser. The manipulation leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2011-10016. The attack may be launched remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2012-10059 | Dolibarr ERP/CRM up to 3.1.1/3.2.0 Database Backup sql_compat os command injection (EUVD-2012-6605 / EDB-18724)

Vuldb Updates

1 month 2 weeks ago

A vulnerability was found in Dolibarr ERP and CRM up to 3.1.1/3.2.0. It has been classified as critical. Affected is an unknown function of the component Database Backup Handler. The manipulation of the argument sql_compat leads to os command injection. This vulnerability is traded as CVE-2012-10059. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2011-10018 | MyBB 1.6.4 backdoor (EUVD-2011-5246 / EDB-17949)

Vuldb Updates

1 month 2 weeks ago

A vulnerability was found in MyBB 1.6.4 and classified as critical. This issue affects some unknown processing. The manipulation leads to backdoor. The identification of this vulnerability is CVE-2011-10018. The attack may be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2012-10057 | Lattice Semiconductor ispVM System 18.0.2 xcf Project File stack-based overflow (EUVD-2012-6604 / EDB-18947)

Vuldb Updates

1 month 2 weeks ago

A vulnerability has been found in Lattice Semiconductor ispVM System 18.0.2 and classified as critical. This vulnerability affects unknown code of the component xcf Project File Handler. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2012-10057. The attack can be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

科技爱好者周刊（第 361 期）：暗网 Tor 安全吗？

不安全

1 month 2 weeks ago

文章介绍了烟台时光塔及其功能，探讨了Tor浏览器和暗网的安全性问题，并分享了多篇科技动态文章，包括中国载人月球登陆器测试、手机通话被激光窃听的技术演示等。此外还介绍了多个工具和资源，并回顾了往年的话题。

Hackers exploit Microsoft flaw to breach Canada ’s House of Commons

不安全

1 month 2 weeks ago

黑客利用微软漏洞入侵加拿大议会数据库，窃取员工信息。加拿大通信安全机构介入调查，但攻击者身份不明。此次攻击或与CVE-2025-53770漏洞相关。近年来加拿大面临网络威胁增加。

Hackers exploit Microsoft flaw to breach Canada ’s House of Commons

Security Affairs

1 month 2 weeks ago

Hackers breached Canada ’s House of Commons, exploiting a recent Microsoft flaw, compromising data, according to CBC News. Threat actors reportedly breached Canada’s House of Commons by exploiting a recently disclosed Microsoft vulnerability. “The House of Commons and Canada’s cybersecurity agency are investigating a significant data breach caused by an unknown “threat actor” targeting employee […]

Pierluigi Paganini

SNI5GECT: Sniffing and Injecting 5G Traffic Without Rogue Base Stations, (Thu, Aug 14th)

不安全

1 month 2 weeks ago

文章介绍了ASSET研究组开发的SNI5GECT框架，该框架能够实时嗅探5G预认证通信并注入攻击载荷至下行链路。通过多阶段降级攻击，该框架可迫使用户设备断开5G连接并降级至4G网络。尽管存在距离限制和模块化设计等局限性，但SNI5GECT为5G安全研究提供了重要工具。

系统视角下的智能汽车软件架构及供应体系

CodeWisdom

1 month 2 weeks ago

9月10日下午，彭鑫老师将在AutoSQT 2025第二届汽车软件质量与测试峰会上作报告

美团智能头盔研发实践系列02：软件功能篇

美团技术团队

1 month 2 weeks ago

本文系《美团智能头盔研发实践系列》的第二篇文章，围绕智能头盔如何通过主动安全和被动安全相结合的方式有效保护骑手，主要包括智能头盔骑行通话质量强化、智能语音助手、碰撞摔倒监控等三项软件能力。

美团技术团队

美团智能头盔研发实践系列01：硬件设计篇

美团技术团队

1 month 2 weeks ago

本文系《美团智能头盔研发实践》系列的第一篇文章，聚焦硬件设计维度。针对外卖骑手传统头盔佩戴体验不佳等痛点，从安全保障、体验优化、效率提升三大方向切入，详细解析安全防护、多传感器预警、通风减重、长效续航、音频降噪、工艺控制等关键技术，并提炼研发过程中行之有效的设计经验。

美团技术团队

工信部预警BERT勒索软件风险！附官方防范指南

威努特工控安全

1 month 2 weeks ago

注意！攻击易导致服务中断、业务停摆。

Qilin Ransomware Leads The Attack Landscape With 70+ Claimed Victims in July

Cyber Security News

1 month 2 weeks ago

The ransomware threat landscape witnessed a concerning surge in July 2025, with the Qilin ransomware group maintaining its dominant position for the third time in four months. The group successfully claimed 73 victims on its data leak site, representing 17.3% of the month’s total 423 ransomware incidents. This marks a significant consolidation of criminal operations […]

The post Qilin Ransomware Leads The Attack Landscape With 70+ Claimed Victims in July appeared first on Cyber Security News.

Tushar Subhra Dutta

Everest

Dark Feed IO

1 month 2 weeks ago

You must login to view this content

cohenido

New FireWood Malware Attacking Linux Systems to Execute Commands and Exfiltrate Sensitive Data

Cyber Security News

1 month 2 weeks ago

A sophisticated new variant of the FireWood backdoor has emerged, targeting Linux systems with enhanced evasion capabilities and streamlined command execution functionality. This latest iteration represents a significant evolution of the malware family first discovered by ESET’s research team, which has been linked to the long-running “Project Wood” malware lineage dating back to at least […]

The post New FireWood Malware Attacking Linux Systems to Execute Commands and Exfiltrate Sensitive Data appeared first on Cyber Security News.

Tushar Subhra Dutta

Daily Dose of Dark Web Informer - 14th of August 2025

Dark Web Informer - Cyber Threat Intelligence

1 month 2 weeks ago

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

Dark Web Informer

CVE-2025-8922 | code-projects Job Diary 1.0 /admin-inbox.php ID sql injection

Vuldb Updates

1 month 2 weeks ago

A vulnerability, which was classified as critical, was found in code-projects Job Diary 1.0. This affects an unknown part of the file /admin-inbox.php. The manipulation of the argument ID leads to sql injection. This vulnerability is uniquely identified as CVE-2025-8922. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2025-8923 | code-projects Job Diary 1.0 /edit-details.php ID sql injection (EUVD-2025-24635)

Vuldb Updates

1 month 2 weeks ago

A vulnerability has been found in code-projects Job Diary 1.0 and classified as critical. This vulnerability affects unknown code of the file /edit-details.php. The manipulation of the argument ID leads to sql injection. This vulnerability was named CVE-2025-8923. The attack can be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2025-8924 | Campcodes Online Water Billing System 1.0 /viewbill.php ID sql injection (EUVD-2025-24634)

Vuldb Updates

1 month 2 weeks ago

A vulnerability was found in Campcodes Online Water Billing System 1.0 and classified as critical. This issue affects some unknown processing of the file /viewbill.php. The manipulation of the argument ID leads to sql injection. The identification of this vulnerability is CVE-2025-8924. The attack may be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2025-8925 | itsourcecode Sports Management System 1.0 /Admin/match.php sql injection (EUVD-2025-24633)

Vuldb Updates

1 month 2 weeks ago

A vulnerability was found in itsourcecode Sports Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Admin/match.php. The manipulation of the argument code leads to sql injection. This vulnerability is traded as CVE-2025-8925. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

vuldb.com

Aggregator

Managed ad