Aggregator

CVE-2025-61115 | ABC Fine Wine & Spirits App up to 11.27.5 on Android com.cta.abcfinewineandspirits improper authentication

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability classified as critical has been found in ABC Fine Wine & Spirits App up to 11.27.5 on Android. Affected by this issue is some unknown functionality of the component com.cta.abcfinewineandspirits. This manipulation causes improper authentication. This vulnerability is registered as CVE-2025-61115. The attack requires access to the local network. No exploit is available.
vuldb.com

CVE-2025-36592 | Dell Secure Connect Gateway SCG Policy Manager 5.20/5.22/5.24/5.26/5.28 cross site scripting (dsa-2025-391)

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability described as problematic has been identified in Dell Secure Connect Gateway SCG Policy Manager 5.20/5.22/5.24/5.26/5.28. Affected by this vulnerability is an unknown functionality. The manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2025-36592. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-61120 | IO FIT AG Life Logger App up to 1.0.2.72 on Android com.donki.healthy information disclosure

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability marked as problematic has been reported in IO FIT AG Life Logger App up to 1.0.2.72 on Android. Affected is an unknown function of the component com.donki.healthy. The manipulation leads to information disclosure. This vulnerability is listed as CVE-2025-61120. The attack may be initiated remotely. There is no available exploit.
vuldb.com

CVE-2025-46363 | Dell Secure Connect Gateway SCG Application and Appliance path traversal (dsa-2025-386)

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability labeled as problematic has been found in Dell Secure Connect Gateway SCG Application and Appliance up to 5.31.x. This impacts an unknown function. Executing manipulation can lead to relative path traversal. This vulnerability is tracked as CVE-2025-46363. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.
vuldb.com

CVE-2025-11998 | HP Card Readers B Model X3D03B 1.0 NFC information disclosure (EUVD-2025-37031)

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability identified as problematic has been detected in HP Card Readers B Model X3D03B and Card Readers B Model Y7C05B 1.0. This affects an unknown function of the component NFC Handler. Performing manipulation results in information disclosure. This vulnerability is identified as CVE-2025-11998. The attack may be carried out on the physical device. There is not any exploit available. You should upgrade the affected component.
vuldb.com

CVE-2025-62726 | n8n-io n8n up to 1.112.x Git Node inclusion of functionality from untrusted control sphere

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability categorized as critical has been discovered in n8n-io n8n up to 1.112.x. The impacted element is an unknown function of the component Git Node Component. Such manipulation leads to inclusion of functionality from untrusted control sphere. This vulnerability is referenced as CVE-2025-62726. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-61121 | Glority Mobile Scanner App 2.12.38 on Android com.glority.everlens information disclosure

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability was found in Glority Mobile Scanner App 2.12.38 on Android. It has been rated as problematic. The affected element is an unknown function of the component com.glority.everlens. This manipulation causes information disclosure. The identification of this vulnerability is CVE-2025-61121. The attack needs to be done within the local network. There is no exploit available.
vuldb.com

CVE-2025-62712 | JumpServer up to 3.10.19-lts/4.10.10-lts API Endpoint super-connection-token authorization (GHSA-6ghx-6vpv-3wg7)

VulDB Recent Entries
3 months 2 weeks ago
A vulnerability was found in JumpServer up to 3.10.19-lts/4.10.10-lts. It has been declared as critical. Impacted is an unknown function of the file /api/v1/authentication/super-connection-token/ of the component API Endpoint. The manipulation results in missing authorization. This vulnerability was named CVE-2025-62712. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

Google's Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month

The Hackers News
3 months 2 weeks ago
Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 billion suspected malicious calls and messages every month. The tech giant also said it has blocked over 100 million suspicious numbers from using Rich Communication Services (RCS), an evolution of the SMS protocol, thereby preventing scams before they could even be sent. In
The Hacker News

CVE-2024-43556 | Microsoft Windows up to Server 2022 23H2 Graphics use after free

Vuldb Updates
3 months 2 weeks ago
A vulnerability was found in Microsoft Windows. It has been declared as critical. The impacted element is an unknown function of the component Graphics. The manipulation results in use after free. This vulnerability is identified as CVE-2024-43556. The attack is only possible with local access. There is not any exploit available. It is best practice to apply a patch to resolve this issue.
vuldb.com

Your Enterprise LAN Security Is a Problem—Nile Can Fix It

Security Boulevard
3 months 2 weeks ago

For decades, the Local Area Network (LAN) has been the neglected, insecure backyard of the enterprise. While we’ve poured money and talent into fortifying our data centers and cloud environments, the LAN has remained a tangled mess of implicit trust, complicated IPAM spreadsheets, and security appliances bolted on like afterthoughts. It’s the place where “plug..

The post Your Enterprise LAN Security Is a Problem—Nile Can Fix It appeared first on Security Boulevard.

Tom Hollingsworth

Veeam Sets Data Graph Course Following Acquisition of Securiti AI

Security Boulevard
3 months 2 weeks ago

Veeam Software plans to expand the scope of its offerings into the realm of data security posture management (DSPM) following the closing of a $1.725 billion acquisition of Securiti AI. Securiti AI developed a DSPM platform based on a knowledge graph that makes it possible to track the relationships between various data sets and then..

The post Veeam Sets Data Graph Course Following Acquisition of Securiti AI appeared first on Security Boulevard.

Michael Vizard

Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks

The Hackers News
3 months 2 weeks ago
The open-source command-and-control (C2) framework known as AdaptixC2 is being used by a growing number of threat actors, some of whom are related to Russian ransomware gangs. AdaptixC2 is an emerging extensible post-exploitation and adversarial emulation framework designed for penetration testing. While the server component is written in Golang, the GUI Client is written in C++ QT for
The Hacker News

Managed ad