Aggregator

A vulnerability labeled as critical has been found in GCC Productions Fade In 4.2.0. This impacts an unknown function of the component XML Parser. Such manipulation leads to use after free. This vulnerability is traded as CVE-2025-53814. The attack may be launched remotely. There is no exploit available.

A vulnerability described as critical has been identified in GCC Productions Fade In 4.2.0. Affected by this vulnerability is an unknown functionality of the component XML Parser. Executing manipulation can lead to out-of-bounds write. This vulnerability is handled as CVE-2025-53855. The attack can be executed remotely. There is not any exploit available.

A vulnerability categorized as critical has been discovered in ADOdb up to 5.22.9. The impacted element is the function metaColumns/metaForeignKeys/metaIndexes of the component Table Name Handler. The manipulation results in sql injection. This vulnerability is reported as CVE-2025-54119. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in Planet WGR-500 1.3411b190912. This affects the function formPingCmd. The manipulation of the argument submit-url results in stack-based buffer overflow. This vulnerability is known as CVE-2025-54401. It is possible to launch the attack remotely. No exploit is available.

A vulnerability, which was classified as critical, has been found in Planet WGR-500 1.3411b190912. This impacts the function formPingCmd. This manipulation of the argument submit-url/ipaddr causes stack-based buffer overflow. This vulnerability is handled as CVE-2025-54402. The attack can be initiated remotely. There is not any exploit available.

A vulnerability was found in Planet WGR-500 1.3411b190912 and classified as critical. Affected by this issue is the function formPingCmd. Executing manipulation of the argument counts can lead to stack-based buffer overflow. The identification of this vulnerability is CVE-2025-54400. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Planet WGR-500 1.3411b190912. It has been classified as critical. This affects the function swctrl. The manipulation of the argument new_password leads to os command injection. This vulnerability is referenced as CVE-2025-54403. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in Planet WGR-500 1.3411b190912. It has been declared as critical. This vulnerability affects the function swctrl. The manipulation of the argument new_device_name results in os command injection. This vulnerability is identified as CVE-2025-54404. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in Planet WGR-500 1.3411b190912. It has been rated as critical. This issue affects the function formPingCmd. This manipulation of the argument ipaddr causes os command injection. This vulnerability is tracked as CVE-2025-54405. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability categorized as critical has been discovered in Planet WGR-500 1.3411b190912. Impacted is the function formPingCmd. Such manipulation of the argument counts leads to os command injection. This vulnerability is listed as CVE-2025-54406. The attack may be performed from remote. There is no available exploit.

SESSION Session 1D: System-Level Security

Authors, Creators & Presenters: Yuan Li (Zhongguancun Laboratory & Tsinghua University), Chao Zhang (Tsinghua University & JCSS & Zhongguancun Laboratory), Jinhao Zhu (UC Berkeley), Penghui Li (Zhongguancun Laboratory), Chenyang Li (Peking University), Songtao Yang (Zhongguancun Laboratory), Wende Tan (Tsinghua University)

PAPER
VulShield: Protecting Vulnerable Code Before Deploying Patches
Despite the high frequency of vulnerabilities exposed in software, patching these vulnerabilities remains slow and challenging, which leaves a potential attack window. To mitigate this threat, researchers seek temporary solutions to prevent vulnerabilities from being exploited or triggered before they are officially patched. However, prior approaches have limited protection scope, often require code modification of the target vulnerable programs, and rely on recent system features. These limitations significantly reduce their usability and practicality. In this work, we introduce VulShield, an automated temporary protection system that addresses these limitations. VulShield leverages sanitizer reports, and automatically generates security policies that describe the vulnerability triggering conditions. The policies are then enforced through a Linux kernel module that can efficiently detect and prevent vulnerability from being triggered or exploited at runtime. By carefully designing the kernel module, VulShield is capable of protecting both vulnerable kernels and user-space programs running on them. It does not rely on recent system features like eBPF and Linux security modules. VulShield is also pluggable and non-invasive as it does not need to modify the code of target vulnerable software. We evaluated VulShield's capability in a comprehensive set of vulnerabilities in 9 different types and found that VulShield mitigated all cases in an automated and effective manner. For Nginx, the latency introduced per request does not exceed 0.001 ms, while the peak performance overhead observed in UnixBench is 1.047%.

Our thanks to the Network and Distributed System Security (NDSS) Symposium for publishing their Creators, Authors and Presenter’s superb NDSS Symposium 2025 Conference content on the organization’s’ YouTube channel.

Permalink

The post NDSS 2025 – VulShield: Protecting Vulnerable Code Before Deploying Patches appeared first on Security Boulevard.

Ransomware attacks continue to evolve into sophisticated strategic and psychological operations. Threat actors are always seeking ways to maximize their illicit gains, and they’ve now discovered a powerful piece to leverage: a company’s cyber insurance policy. When attackers gain access to cyber policy details, they come to a ransomware negotiation already holding some of their..

The post How Ransomware Attacks Leverage Cyber Insurance Policies appeared first on Security Boulevard.

Questioning how Flock Safety protects sensitive user accounts, Sen. Ron Wyden and Rep. Raja Krishnamoorthi want the FTC to investigate the police surveillance tech provider.

The alleged cybersecurity turncoats attacked at least five U.S. companies while working for their respective employers, officials said.

The post Prosecutors allege incident response pros used ALPHV/BlackCat to commit string of ransomware attacks appeared first on CyberScoop.

A vulnerability was found in Hospira LifeCare PCA Infusion System up to 6.x and classified as problematic. This affects an unknown function. Such manipulation leads to insufficient verification of data authenticity. This vulnerability is traded as CVE-2014-5406. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability identified as critical has been detected in Hospira MedNet up to 5.8. This vulnerability affects unknown code of the component JBoss Enterprise Application Platform. This manipulation causes code injection. This vulnerability is handled as CVE-2014-5401. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability was found in Mitel MiVoice Connect up to 19.1. It has been rated as critical. This affects an unknown function of the component UCB. This manipulation as part of Parameter causes improper input validation. This vulnerability appears as CVE-2020-10211. The attack may be initiated remotely. There is no available exploit. It is recommended to apply a patch to fix this issue.

A vulnerability categorized as critical has been discovered in Mitel MiVoice Connect Client. This impacts an unknown function. Such manipulation leads to inadequate encryption strength (Credentials). This vulnerability is traded as CVE-2020-10377. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in LuaJIT up to 2.0.5. Affected by this vulnerability is an unknown functionality. Performing manipulation results in type confusion. This vulnerability was named CVE-2019-19391. The attack may be initiated remotely. There is no available exploit. The actual existence of this vulnerability is currently in question.

Ukrainian Yuriy Rybtsov, aka MrICQ, a suspected Jabber Zeus developer, was extradited from Italy to the US to face cybercrime charges. Ukrainian national Yuriy Igorevich Rybtsov (41), aka MrICQ, an alleged Jabber Zeus developer, was arrested in Italy, lost his extradition appeal, and has been sent to the US to face cybercrime charges. After a […]