Aggregator

Submit #604374 / VDB-310308

A vulnerability has been found in Microsoft Windows Vista/7/8/8.1 and classified as problematic. This vulnerability affects unknown code of the component Media Center. The manipulation leads to information disclosure. This vulnerability was named CVE-2015-6127. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FL__reg_gc_list of the file src/H5FL.c. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-6856. Attacking locally is a requirement. Furthermore, there is an exploit available.

A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5G__node_cmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2025-6857. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

Currently trending CVE - Hype Score: 1 - FOG is a cloning/imaging/rescue suite/inventory management system. Prior to 1.5.10.34, packages/web/lib/fog/reportmaker.class.php in FOG was affected by a command injection via the filename parameter to /fog/management/export.php. This vulnerability is fixed in 1.5.10.34.

A vulnerability has been found in China-on-site FlexPHPLink 0.0.6/0.0.7 and classified as critical. This vulnerability affects unknown code of the file admin/index.php. The manipulation of the argument checkpass leads to sql injection. This vulnerability was named CVE-2008-6730. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Microsoft Internet Explorer 7/8/9/10. Affected is an unknown function of the component CFlatMarkupPointer Object Handler. The manipulation of the argument InsertImage leads to memory corruption. This vulnerability is traded as CVE-2013-3184. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

关键词网络攻击网络安全公司Trellix最新研究发现，一个代号为"OneClik"的高级黑客组织正通过微软Cl

关键词FacebookFacebook 正在测试一项新的 AI 功能，鼓励用户将手机相册中的照片上传至云端，以

关键词网络犯罪近日法国警方开展代号"BL2C"的跨国执法行动，成功捣毁全球最大网络犯罪论坛BreachForu

Name: Wicked6: Attack & Defense Tournament 2025 (an PlayCyber event.)
Date: March 30, 2025, 1 p.m. — 30 March 2025, 20:00 UTC  [add to calendar]
Format: Attack-Defense
On-line
Offical URL: https://www.wicked6.com/tournament
Rating weight: 0.00
Event organizers: Play Cyber

Name: UNbreakable International 2024 - Team Phase (an UNbreakable International event.)
Date: April 11, 2025, 10 a.m. — 13 April 2025, 10:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://unr25t-international.cyber-edu.co/
Rating weight: 24.82
Event organizers: bitsentinel

Name: Hack'In 0x04 (an Hack'In event.)
Date: June 14, 2025, 3 p.m. — 15 June 2025, 06:00 UTC  [add to calendar]
Format: Jeopardy
On-site
Location: 2 Rue de la Fourane 13090 Aix-en-Provence, France
Offical URL: https://hackin.fr/
Rating weight: 0.00
Event organizers: Hacky'Nov

Name: MetaCTF June 2025 Flash CTF (an MetaCTF event.)
Date: June 26, 2025, 9 p.m. — 26 June 2025, 23:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Location: Online
Offical URL: https://mctf.io/jun2025
Rating weight: 0
Event organizers: MetaCTF

Name: BSides Mumbai CTF 2025 (an BSides Mumbai event.)
Date: June 28, 2025, 10 a.m. — 29 June 2025, 10:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctf.bsidesmumbai.in/
Rating weight: 0.00
Event organizers: DarkArmy

关键词网络攻击知名黑客团伙 “Scattered Spider”（又名 UNC3944）正将攻击重心转向航空与

A vulnerability was found in MyWebServer 1.0.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument searchTarget leads to memory corruption. This vulnerability is known as CVE-2002-1452. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Oracle Financial Services Regulatory Reporting for US Federal Reserve 8.0.4/8.0.5/8.0.6/8.0.7. This affects an unknown part of the component Apache Batik. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2019-11358. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in China-on-site FlexPHPDirectory 0.0.1. It has been declared as critical. This vulnerability affects unknown code of the file admin/usercheck.php. The manipulation leads to sql injection. This vulnerability was named CVE-2008-6749. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in 2daybiz Job Search Engine Script. It has been rated as critical. Affected by this issue is some unknown functionality of the file show_search_result.php of the component Search Engine. The manipulation of the argument keyword leads to sql injection. This vulnerability is handled as CVE-2010-2609. The attack may be launched remotely. Furthermore, there is an exploit available.