Aggregator

A vulnerability described as critical has been identified in Linux Kernel up to 6.0.6. This vulnerability affects the function kcm_rfree of the component kcm. Executing a manipulation can lead to state issue. This vulnerability is handled as CVE-2022-50265. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability has been found in Linux Kernel up to 5.15.86/6.0.16/6.1.2 and classified as critical. Affected is the function blksize_bits of the component ntfs3. Performing a manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2022-50262. The attack must originate from the local network. There is no exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.1.1. It has been classified as critical. This impacts an unknown function. Performing a manipulation results in incorrect control flow. This vulnerability is reported as CVE-2022-50261. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.

Как хакеры превратили безобидный QR-код в «троянского коня», которого в упор не видят системы безопасности.

银狐Edge最新变种样本分析

Как не быть "папиком" для ботнета? Рассказывает GreyNoise.

A vulnerability described as problematic has been identified in Privacy Policy Genius Plugin up to 2.0.4 on WordPress. Affected is an unknown function. Such manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-13219. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Altra Side Menu Plugin up to 2.0 on WordPress and classified as problematic. This impacts an unknown function. Executing a manipulation can lead to cross-site request forgery. This vulnerability is registered as CVE-2024-12774. It is possible to launch the attack remotely. No exploit is available.

A vulnerability, which was classified as critical, has been found in Taskbuilder Plugin up to 3.0.4 on WordPress. Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument load_orders results in sql injection. This vulnerability is known as CVE-2024-9828. Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in YaDisk Files Plugin up to 1.2.5 on WordPress. Impacted is an unknown function of the component Setting Handler. Executing a manipulation can lead to cross site scripting. The identification of this vulnerability is CVE-2024-10710. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in WP Prayer Plugin up to 2.0.9 on WordPress. Affected by this issue is some unknown functionality of the component Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-3406. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in trailofbits fickling 0.1.6. It has been classified as critical. Affected by this vulnerability is the function run_path/runpy.run_module. The manipulation leads to deserialization. This vulnerability is listed as CVE-2026-22606. The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in Pdfcrowd Save as PDF Plugin up to 3.1.x on WordPress. It has been classified as problematic. The impacted element is an unknown function of the component Setting Handler. This manipulation causes cross site scripting. This vulnerability is handled as CVE-2023-5971. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability, which was classified as problematic, has been found in Newsletter Popup Plugin up to 1.2 on WordPress. Affected by this issue is some unknown functionality. Performing a manipulation results in cross-site request forgery. This vulnerability was named CVE-2024-3643. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in CommentTweets Plugin up to 0.6 on WordPress and classified as problematic. This affects an unknown function. Such manipulation leads to cross-site request forgery. This vulnerability is documented as CVE-2023-6845. The attack can be executed remotely. There is not any exploit available.

A vulnerability classified as problematic has been found in PayHere Payment Gateway Plugin up to 2.2.11 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2023-6064. The attack can only be initiated within the local network. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in WP Custom Widget area Plugin up to 1.2.5 on WordPress. The impacted element is an unknown function of the component AJAX Action Handler. This manipulation causes missing authorization. This vulnerability is handled as CVE-2023-6066. The attack can be initiated remotely. There is not any exploit available.

A cybersecurity incident at Gulshan Management Services, Inc., a gas station operator based in Sugar Land, Texas, has compromised the personal information of over 377,000 customers. The breach, discovered on September 27, 2025, exposed sensitive data over 10 days from September 17 to September 27, 2025. Breach Details The incident involved a hacking breach of […]

The post Data Breach at Texas Gas Station Operator Exposes Info of 377,000+ Customers appeared first on Cyber Security News.

A vulnerability categorized as critical has been discovered in Trend Micro Apex Central. Affected by this issue is some unknown functionality of the component Message Handler. The manipulation results in origin validation error. This vulnerability is known as CVE-2025-69260. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.

Your organization, the industrial domain you survive on, and almost everything you deal with rely on software applications. Be it banking portals, healthcare systems, or any other, securing those applications is paramount. Application Security Testing is the process of making applications more resistant to cyber threats by identifying weaknesses and vulnerabilities in the code. In […]

The post What is Application Security Testing? Detail Explanation appeared first on Kratikal Blogs.

The post What is Application Security Testing? Detail Explanation appeared first on Security Boulevard.