Aggregator

Submit #603638 / VDB-314340

Submit #603637 / VDB-314339

关键词入侵事件概述 🔍👋时间：近期事件勒索软件黑客组织 Anubis 声称入侵了巴黎迪士尼乐园（Disne

关键词黑客事件概述 🔍👋人物25岁的英国黑客IntelBroker，因频繁出售企业敏感数据而备受关注。

关键词漏洞事件概述 🔍👋影响范围兄弟、富士、东芝和康美等品牌的742款打印机，发现存在多处安全漏洞，部分漏

A vulnerability has been found in code-projects Simple Forum 1.0 and classified as critical. This vulnerability affects unknown code of the file /forum_downloadfile.php. The manipulation of the argument filename leads to path traversal. This vulnerability was named CVE-2025-6866. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in DaiCuo up to 1.3.13. This affects an unknown part of the file /admin.php/addon/index. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2025-6865. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in SeaCMS up to 13.2. Affected by this issue is some unknown functionality of the file /admin_type.php. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2025-6864. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #603581 / VDB-314338

A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/edit-category-detail.php. The manipulation of the argument editid leads to sql injection. This vulnerability is known as CVE-2025-6863. The attack can be launched remotely. Furthermore, there is an exploit available.

Submit #603563 / VDB-314337

A vulnerability classified as critical has been found in SourceCodester Best Salon Management System 1.0. Affected is an unknown function of the file /panel/edit_plan.php. The manipulation of the argument editid leads to sql injection. This vulnerability is traded as CVE-2025-6862. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /panel/add_plan.php. The manipulation of the argument plan_name/description/duration_days/price leads to sql injection. The identification of this vulnerability is CVE-2025-6861. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /panel/staff_commision.php. The manipulation of the argument fromdate/todate leads to sql injection. This vulnerability was named CVE-2025-6860. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Best Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /panel/pro_sale.php. The manipulation of the argument fromdate/todate leads to sql injection. This vulnerability is uniquely identified as CVE-2025-6859. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #603562 / VDB-314336

Submit #603386 / VDB-314335

A vulnerability was found in HDF5 1.14.6 and classified as problematic. Affected by this issue is the function H5C__flush_single_entry of the file src/H5Centry.c. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2025-6858. The attack needs to be approached locally. Furthermore, there is an exploit available.

A vulnerability has been found in HDF5 1.14.6 and classified as problematic. Affected by this vulnerability is the function H5G__node_cmp3 of the file src/H5Gnode.c. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2025-6857. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5FL__reg_gc_list of the file src/H5FL.c. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-6856. Attacking locally is a requirement. Furthermore, there is an exploit available.