Aggregator

A vulnerability has been found in Linux Kernel up to 5.17.3 and classified as problematic. This vulnerability affects the function tcmu_try_get_data_page. The manipulation of the argument cmdr_lock leads to improper update of reference count. This vulnerability was named CVE-2022-49053. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.7.3 and classified as critical. Affected by this issue is the function kvm_arch_vcpu_ioctl_set_fpu of the component s390. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2023-52597. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Proget Konsola MDM up to 2.17.4. It has been classified as problematic. This affects an unknown part. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2025-1415. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in eCharge Hardy Barth cPH2 Charging Station and cPP2 Charging Station up to 2.2.0. Affected by this issue is some unknown functionality of the file /var/salia/mqtt.php of the component MQTT Message Handler. The manipulation leads to os command injection. This vulnerability is handled as CVE-2025-27804. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability was found in eCharge Hardy Barth cPH2 Charging Station and cPP2 Charging Station up to 2.2.0. It has been classified as critical. Affected is an unknown function of the component Web Interface. The manipulation leads to hard-coded credentials. This vulnerability is traded as CVE-2025-48414. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in eCharge Hardy Barth cPH2 Charging Station and cPP2 Charging Station up to 2.2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /etc/passwd. The manipulation leads to hard-coded credentials. This vulnerability is handled as CVE-2025-48413. It is possible to launch the attack on the physical device. There is no exploit available.

Сервис усложнит злоумышленникам доступ к мобильному коду и корпоративной инфраструктуре.

马普人类发展研究所研究人员分析了过去 20 年英语新闻机构的约 4000 万条新闻标题，发现新闻标题过去二十年越来越长越来越负面，越来越注重增加点击率而不管新闻质量。研究人员将互联网比作一个巨大的市场，记者利用标题争夺读者的注意力。在数字时代，注意力是一种稀缺而宝贵的商品，内容的制作成本比以往任何时候都低——导致了内容供应过剩，为吸引读者兴趣而展开激烈的竞争。标题在吸引读者上发挥着重要作用。标题需要能抓住读者的注意力并激发好奇心，而点击量可用于衡量一个标题是否成功。研究人员表示，标题的措辞是为了尽可能增加点击率，它事实上变成了一种点击诱饵。纸媒的标题需要清晰简洁，而网媒的标题则被策略性地设计用于增加点击。过去二十年，网媒的标题越来越长，以对话语气书写去激发读者的好奇心但同时不会透露太多信息。相关技巧包括使用主动动词，使用代词如“我”、“你”或“他们”，高频使用疑问词如“如何”、“什么”、“为什么”。这些元素通过创造信息鸿沟去激发读者的好奇心，而读者只有点击阅读文章才能填上这一鸿沟。研究还发现具有完整句子的标题更具有活力和情感，其具有的叙事结构更能唤起情感。情绪分析显示，无论是高质量的新闻媒体还是低质量的八卦媒体，标题平均变得更加负面。研究人员还发现，右翼媒体相比左翼媒体和中立媒体会更高频率的使用负面标题。研究人员对这一趋势增加读者区分严肃内容和操纵性内容的难度表达了担忧。

The European Union has imposed strict sanctions against web-hosting provider Stark Industries and the two individuals running it, CEO Iurie Neculiti and owner Ivan Neculiti, for enabling "destabilising activities" against the Union. [...]

Cryptocurrency exchange Coinbase announced that the recent data breach exposed data belonging to 69,461 individuals. Coinbase disclosed that a data breach impacted 69,461 individuals after overseas support staff improperly accessed customer and corporate data. Coinbase recently revealed that rogue contractors stole data on under 1% of users and demanded $20M; the data breach was initially […]

A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component MDIR Command Handler. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2025-5053. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component LS Command Handler. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2025-5052. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in FreeFloat FTP Server 1.0. Affected is an unknown function of the component BINARY Command Handler. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2025-5051. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in FreeFloat FTP Server 1.0. It has been rated as critical. This issue affects some unknown processing of the component BELL Command Handler. The manipulation leads to buffer overflow. The identification of this vulnerability is CVE-2025-5050. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in FreeFloat FTP Server 1.0. It has been declared as critical. This vulnerability affects unknown code of the component APPEND Command Handler. The manipulation leads to buffer overflow. This vulnerability was named CVE-2025-5049. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #581349 / VDB-264922

Submit #581341 / VDB-264923

Submit #581340 / VDB-264924

Submit #581285 / VDB-309872

Submit #581284 / VDB-309871