Aggregator

CVE-2024-12755 | Avaya Spaces cross site scripting

1 month 3 weeks ago

A vulnerability, which was classified as problematic, was found in Avaya Spaces. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-12755. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2024-12756 | Avaya Spaces cross site scripting

Vuldb Updates

1 month 3 weeks ago

A vulnerability was found in Avaya Spaces. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. This vulnerability is known as CVE-2024-12756. The attack can be launched remotely. There is no exploit available.

vuldb.com

CVE-2025-50062 | Oracle PeopleSoft Enterprise HCM Global Payroll Core 9.2.51/9.2.52 Global Payroll for Core improper authorization (EUVD-2025-21516)

Vuldb Updates

1 month 3 weeks ago

A vulnerability was found in Oracle PeopleSoft Enterprise HCM Global Payroll Core 9.2.51/9.2.52 and classified as critical. This issue affects some unknown processing of the component Global Payroll for Core. The manipulation leads to improper authorization. The identification of this vulnerability is CVE-2025-50062. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-30750 | Oracle Database Server up to 19.27/21.18/23.8 Unified Audit Component improper authorization (EUVD-2025-21529)

Vuldb Updates

1 month 3 weeks ago

A vulnerability, which was classified as critical, was found in Oracle Database Server up to 19.27/21.18/23.8. Affected is an unknown function of the component Unified Audit Component. The manipulation leads to improper authorization. This vulnerability is traded as CVE-2025-30750. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-30758 | Oracle Siebel CRM End User up to 25.5 User Interface information disclosure (EUVD-2025-21523)

Vuldb Updates

1 month 3 weeks ago

A vulnerability was found in Oracle Siebel CRM End User up to 25.5. It has been classified as problematic. This affects an unknown part of the component User Interface. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2025-30758. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-30739 | Oracle CRM Technical Foundation up to 12.2.13 Preferences improper authorization (EUVD-2025-21538)

Vuldb Updates

1 month 3 weeks ago

A vulnerability, which was classified as critical, has been found in Oracle CRM Technical Foundation up to 12.2.13. This issue affects some unknown processing of the component Preferences. The manipulation leads to improper authorization. The identification of this vulnerability is CVE-2025-30739. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-30743 | Oracle Lease and Finance Management 12.2.13 Internal Operations authorization (EUVD-2025-21536)

Vuldb Updates

1 month 3 weeks ago

A vulnerability classified as critical was found in Oracle Lease and Finance Management 12.2.13. This vulnerability affects unknown code of the component Internal Operations. The manipulation leads to incorrect authorization. This vulnerability was named CVE-2025-30743. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-30745 | Oracle MES for Process Manufacturing 12.2.12/12.2.13 Device Integration cross-site request forgery

Vuldb Updates

1 month 3 weeks ago

A vulnerability was found in Oracle MES for Process Manufacturing 12.2.12/12.2.13 and classified as critical. Affected by this issue is some unknown functionality of the component Device Integration. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2025-30745. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-48795 | Apache CXF up to 3.5.10/3.6.5/4.0.6/4.1.0 resource consumption (EUVD-2025-21438 / Nessus ID 242260)

Vuldb Updates

1 month 3 weeks ago

A vulnerability was found in Apache CXF up to 3.5.10/3.6.5/4.0.6/4.1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to resource consumption. This vulnerability is known as CVE-2025-48795. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Android Banking Malware Masquerades as Government Agencies to Attack Users

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

1 month 3 weeks ago

Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated Android banking trojan dubbed RedHook, which disguises itself as legitimate applications from Vietnamese government and financial institutions to deceive users. This malware, first observed in the wild around January 2025, exploits phishing websites mimicking entities like the State Bank of Vietnam, Sacombank, Central Power Corporation, […]

The post Android Banking Malware Masquerades as Government Agencies to Attack Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Russian airline Aeroflot grounds dozens of flights after cyberattack

Bleeping Computer.

1 month 3 weeks ago

Aeroflot, Russia's flag carrier, has suffered a cyberattack that resulted in the cancellation of more than 60 flights and severe delays on additional flights. [...]

Bill Toulas

Want To Detect Incidents Before It’s Too Late? You Need Threat Intelligence

Cyber Security News

1 month 3 weeks ago

The difference between a minor security incident and a devastating breach often comes down to one critical factor: how quickly you can detect and respond to a threat. Hackers rarely target an isolated business: they typically launch campaigns that hit multiple companies with similar tactics, techniques, and procedures (TTPs). This means, by the time an […]

The post Want To Detect Incidents Before It’s Too Late? You Need Threat Intelligence appeared first on Cyber Security News.

Balaji N

Beast New Threat Actor

Dark Feed IO

1 month 3 weeks ago

You must login to view this content

cohenido

Порноместь: как сохранить свои сексуальные данные в безопасности и как действовать, если вы стали жертвой незаконного распространения интимной информации

Securitylab.ru

1 month 3 weeks ago

Вы когда-нибудь отправляли своему партнеру откровенные фото или видео? А вы уверены, что они не попадут в чужие руки? К сожалению, в наше время это не такая уж редкость. Существует такое явление, как порноместь - когда кто-то выкладывает в интернете вашу интимную информацию без вашего разрешения. Это может быть ваш бывший любовник, который хочет отомстить вам за расставание; хакер, который взломал ваш компьютер или телефон; или просто злой человек, который нашел вашу фотку в сети и решил поиздеваться над вами.