Aggregator

CVE-2025-30258 | GnuPG up to 2.5.4 Certificate Import unusual condition (EUVD-2025-6762 / Nessus ID 241673)

Vuldb Updates
2 months 1 week ago
A vulnerability classified as problematic has been found in GnuPG up to 2.5.4. Affected is an unknown function of the component Certificate Import. The manipulation leads to improper check for unusual conditions. This vulnerability is traded as CVE-2025-30258. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-49536 | Adobe ColdFusion up to 2021.20/2023.14/2025.2 authorization (apsb25-69 / EUVD-2025-20702)

Vuldb Updates
2 months 1 week ago
A vulnerability, which was classified as problematic, was found in Adobe ColdFusion up to 2021.20/2023.14/2025.2. This affects an unknown part. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2025-49536. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-37524 | IBM Analytics Content Hub 2.0/2.1/2.2/2.3 information exposure (EUVD-2024-54771)

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in IBM Analytics Content Hub 2.0/2.1/2.2/2.3. It has been classified as problematic. Affected is an unknown function. The manipulation leads to information exposure through error message. This vulnerability is traded as CVE-2024-37524. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-39752 | IBM Analytics Content Hub 2.0/2.1/2.2/2.3 unrestricted upload (EUVD-2024-54769)

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in IBM Analytics Content Hub 2.0/2.1/2.2/2.3 and classified as critical. This issue affects some unknown processing. The manipulation leads to unrestricted upload. The identification of this vulnerability is CVE-2024-39752. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-36090 | IBM Analytics Content Hub 2.0/2.1/2.2/2.3 information exposure (EUVD-2025-20996)

VulDB Recent Entries
2 months 1 week ago
A vulnerability has been found in IBM Analytics Content Hub 2.0/2.1/2.2/2.3 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to information exposure through error message. This vulnerability was named CVE-2025-36090. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-38327 | IBM Analytics Content Hub 2.0/2.1/2.2/2.3 API sensitive information in source (EUVD-2024-54770)

VulDB Recent Entries
2 months 1 week ago
A vulnerability, which was classified as problematic, was found in IBM Analytics Content Hub 2.0/2.1/2.2/2.3. This affects an unknown part of the component API. The manipulation leads to inclusion of sensitive information in source code. This vulnerability is uniquely identified as CVE-2024-38327. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Fake Gaming and AI Firms Push Malware on Cryptocurrency Users via Telegram and Discord

The Hackers News
2 months 1 week ago
Cryptocurrency users are the target of an ongoing social engineering campaign that employs fake startup companies to trick users into downloading malware that can drain digital assets from both Windows and macOS systems. "These malicious operations impersonate AI, gaming, and Web3 firms using spoofed social media accounts and project documentation hosted on legitimate platforms like Notion and
The Hacker News

INE Security Unveiled Enhanced eMAPT Certification

Cyber Security News
2 months 1 week ago

Cary, North Carolina, July 10th, 2025, CyberNewsWire Industry’s Most Comprehensive Mobile Application Penetration Testing Program Addresses Real-World Mobile Security Challenges. INE Security, a leading provider of cybersecurity education and cybersecurity certifications, today launched its significantly enhanced eMAPT (Mobile Application Penetration Testing) certification. The updated certification delivers the industry’s most comprehensive and practical approach to mobile application […]

The post INE Security Unveiled Enhanced eMAPT Certification appeared first on Cyber Security News.

Cybernewswire

Critical Linux Kernel’ Double Free Vulnerability Let Attackers Escalate Privileges

Cyber Security News
2 months 1 week ago

A severe double-free vulnerability has been discovered in the Linux kernel’s NFT (netfilter) subsystem, specifically within the pipapo set module.  This critical security flaw allows unprivileged attackers to achieve local privilege escalation by exploiting kernel memory corruption through specially crafted netlink messages. Key Takeaways1. Double-free bug in Linux kernel's NFT subsystem (versions 5.6-rc1 to 6.13-rc3) […]

The post Critical Linux Kernel’ Double Free Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.

Guru Baran

CVE-2024-36697 | Allworx System Software 9.1.9.12 Admin Login Page query.asp SessionID cross site scripting

VulDB Recent Entries
2 months 1 week ago
A vulnerability classified as problematic has been found in Allworx System Software 9.1.9.12. Affected is an unknown function of the file query.asp of the component Admin Login Page. The manipulation of the argument SessionID leads to cross site scripting. This vulnerability is traded as CVE-2024-36697. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-6211 | run-llama llama_index up to 0.3.0 MD5 Hash DocugamiReader expected behavior violation (EUVD-2025-20993)

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in run-llama llama_index up to 0.3.0. It has been rated as critical. This issue affects the function DocugamiReader of the component MD5 Hash Handler. The manipulation leads to expected behavior violation. The identification of this vulnerability is CVE-2025-6211. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad