Aggregator

关键词木马为保护公民个人信息，警方频频出击，对泄漏、倒卖公民个人信息的行为进行打击。近期，上海警方就接连破获多起相关案件。

研究人员对美国 23 种啤酒进行了测试，发现 95% 含有 PFAS。PFAS（全氟烷基和多氟烷基物质）涵盖约 9000 种化合物，主要用于制造防水、防污或耐热型产品。这类化学品被广泛应用于数十个行业产出的几千种日常消费品，包括防污剂、地毯以及鞋子。PFAS 被称为“永久留存的化学品”，因为它们不会自然分解。它们会在包括人类在内的各种动物体内积累，与癌症、新生儿缺陷、肝病、甲状腺疾病、免疫力下降、激素紊乱及其它一系列严重健康问题相关。尽管啤酒厂通常有水过滤和处理系统，但其设计不是旨在清除 PFAS。研究人员呼吁啤酒厂、消费者和监管机构提高认识，而啤酒厂可能需要升级水处理系统清除 PFAS。

Follow the top 20 programmers on Twitter for 2025! Get actionable coding tips, industry insights, and stay ahead on tech trends from leading developers.

The post Top 20 Programmers & Developers to Follow on Twitter for Coding Tips in 2025 appeared first on Security Boulevard.

A vulnerability, which was classified as critical, was found in Microsoft Exchange 5.5. The impacted element is an unknown function of the component Mail Connector. Such manipulation of the argument EHLO leads to memory corruption. This vulnerability is listed as CVE-2002-0698. The attack may be performed from remote. There is no available exploit. Applying a patch is advised to resolve this issue.

A vulnerability has been found in SurfControl Superscout Web Filter 3.0 and classified as critical. This affects an unknown part of the component Web Reports Server. The manipulation leads to information disclosure (Password). This vulnerability is listed as CVE-2002-0705. The attack may be initiated remotely. In addition, an exploit is available. It is recommended to add further authentication.

A vulnerability was found in Microsoft Windows up to XP. It has been rated as problematic. Affected is an unknown function of the component Certificate Enrollment ActiveX Control. The manipulation leads to an unknown weakness. This vulnerability is traded as CVE-2002-0699. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to install a patch to address this issue.

A vulnerability was found in SurfControl Superscout Web Filter 3.0. It has been declared as problematic. Impacted is an unknown function of the component Web Reports Server. Such manipulation with the input ... leads to path traversal. This vulnerability is documented as CVE-2002-0708. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability marked as critical has been reported in Microsoft Windows NT 4.0/2000. Impacted is an unknown function of the component SMB Handler. Performing manipulation as part of SMB_COM_TRANSACTION Packet results in memory corruption. This vulnerability is identified as CVE-2002-0724. The attack can be initiated remotely. Additionally, an exploit exists. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in PHP 4.2.0/4.2.1. This impacts an unknown function of the component HTTP POST Request Handler. Executing manipulation can lead to memory corruption. This vulnerability appears as CVE-2002-0717. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in Campcodes Computer Sales and Inventory System 1.0. It has been rated as critical. The impacted element is an unknown function of the file /pages/sup_searchfrm.php?action=edit. This manipulation of the argument ID causes sql injection. The identification of this vulnerability is CVE-2025-10436. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Computer Sales and Inventory System 1.0. It has been declared as critical. The affected element is an unknown function of the file /pages/cust_edit1.php. The manipulation of the argument ID results in sql injection. This vulnerability was named CVE-2025-10435. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability was found in IbuyuCMS up to 2.6.3. It has been classified as problematic. Impacted is an unknown function of the file /admin/article.php?a=mod of the component Add Article Page. The manipulation of the argument Title leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-10434. The attack is possible to be carried out remotely. Moreover, an exploit is present.

Submit #647616 / VDB-323870

Submit #647615 / VDB-323869

A vulnerability was found in 1Panel-dev MaxKB up to 2.0.2/2.1.0 and classified as critical. This issue affects some unknown processing of the file /admin/api/workspace/default/tool/debug. Executing manipulation of the argument code can lead to deserialization. This vulnerability is handled as CVE-2025-10433. The attack can be executed remotely. Additionally, an exploit exists. It is suggested to upgrade the affected component.

Submit #647590 / VDB-323868

Submit #647589 / VDB-323867

A vulnerability has been found in Tenda AC1206 15.03.06.23 and classified as critical. This vulnerability affects the function check_param_changed of the file /goform/AdvSetMacMtuWa of the component HTTP Request Handler. Performing manipulation of the argument wanMTU results in stack-based buffer overflow. This vulnerability is known as CVE-2025-10432. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability, which was classified as critical, was found in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/ajax_represent.php. Such manipulation of the argument ID leads to sql injection. This vulnerability is traded as CVE-2025-10431. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in SourceCodester Pet Grooming Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/barcode.php. This manipulation of the argument ID causes sql injection. This vulnerability appears as CVE-2025-10430. The attack may be initiated remotely. In addition, an exploit is available.