Aggregator

CVE-2025-27153 | pluginsGLPI escalade up to 2.9.10 access control (GHSA-pvqv-8r3r-47m9 / EUVD-2025-19663)

Vuldb Updates
2 months 1 week ago
A vulnerability has been found in pluginsGLPI escalade up to 2.9.10 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2025-27153. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-53107 | cyanheads git-mcp-server up to 2.1.4 child_process command injection (GHSA-3q26-f695-pp76 / EUVD-2025-19657)

Vuldb Updates
2 months 1 week ago
A vulnerability, which was classified as critical, was found in cyanheads git-mcp-server up to 2.1.4. This affects the function child_process. The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2025-53107. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-34081 | Contec CONPROSYS HMI System up to 3.7.6 phpinfo insertion of sensitive information into debugging code (EUVD-2025-19656)

Vuldb Updates
2 months 1 week ago
A vulnerability was found in Contec CONPROSYS HMI System up to 3.7.6. It has been classified as problematic. Affected is the function phpinfo. The manipulation leads to insertion of sensitive information into debugging code. This vulnerability is traded as CVE-2025-34081. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-53103 | junit-team junit-framework up to 5.13.1 XML File Parser cleartext storage (GHSA-m43g-m425-p68x / EUVD-2025-19655)

Vuldb Updates
2 months 1 week ago
A vulnerability classified as problematic was found in junit-team junit-framework up to 5.13.1. This vulnerability affects unknown code of the component XML File Parser. The manipulation leads to cleartext storage of sensitive information. This vulnerability was named CVE-2025-53103. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-6600 | GitHub Enterprise Server up to 3.17.1 Search API Endpoint information disclosure (EUVD-2025-19654)

Vuldb Updates
2 months 1 week ago
A vulnerability, which was classified as problematic, has been found in GitHub Enterprise Server up to 3.17.1. This issue affects some unknown processing of the component Search API Endpoint. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2025-6600. The attack may be initiated remotely. There is no exploit available.
vuldb.com

Qilin

Dark Feed IO
2 months 1 week ago

You must login to view this content

cohenido

Qilin

Dark Feed IO
2 months 1 week ago

You must login to view this content

cohenido

Hacktivist Group Claimed Attacks Across 20+ Critical Sectors Following Iran–Israel Conflict

Cyber Security News
2 months 1 week ago

The escalating tensions between Iran and Israel have triggered an unprecedented surge in hacktivist cyber operations, with over 80 distinct groups launching coordinated attacks across 18 critical infrastructure sectors. Following Israeli airstrikes on Iranian military and nuclear facilities in June 2025, pro-Iranian and pro-Palestinian hacktivist collectives mobilized almost immediately, targeting Israeli government systems, energy infrastructure, […]

The post Hacktivist Group Claimed Attacks Across 20+ Critical Sectors Following Iran–Israel Conflict appeared first on Cyber Security News.

Tushar Subhra Dutta

A sophisticated cyberattack hit the International Criminal Court

Security Affairs
2 months 1 week ago
The International Criminal Court (ICC) is probing a sophisticated cyberattack that was discovered and contained last week. On June 30, 2025, the International Criminal Court (ICC) announced that it was hit by a sophisticated and targeted cyberattack. The organization confirmed that the incident was detected and contained by its defense systems. “Late last week, the […]
Pierluigi Paganini

CVE-2024-13786 | Education Center Plugin up to 3.6.10 on WordPress themerex_callback_view_more_posts deserialization (EUVD-2024-54721)

VulDB Recent Entries
2 months 1 week ago
A vulnerability classified as critical was found in Education Center Plugin up to 3.6.10 on WordPress. Affected by this vulnerability is the function themerex_callback_view_more_posts. The manipulation leads to deserialization. This vulnerability is known as CVE-2024-13786. The attack can be launched remotely. There is no exploit available.
vuldb.com

Managed ad