Aggregator

CVE-2024-24576 | Rust up to 1.77.1 on Windows Batch File Command::arg os command injection (GHSA-q455-m56c-85mh / Nessus ID 211028)

Vuldb Updates
5 months 2 weeks ago
A vulnerability was found in Rust up to 1.77.1 on Windows. It has been declared as critical. Affected by this vulnerability is the function Command::arg of the component Batch File Handler. Such manipulation leads to os command injection. This vulnerability is traded as CVE-2024-24576. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Radar

Dark Feed IO
5 months 2 weeks ago

You must login to view this content

cohenido

Aflac Notifies 22.7 Million People of June Data Theft Attack

BankInfoSecurity.com
5 months 2 weeks ago
Insurer's Hack Could Rank as Largest US Health Data Breach Reported in 2025
Supplemental health insurer Aflac is notifying 22.65 million people whose sensitive health and personal information, including Social Security numbers, was potentially compromised in a June data theft incident. The incident will likely rank as the biggest U.S. health data breach reported in 2025.

Breached E-Commerce Giant Details $1B 'Customer Trust' Plan

BankInfoSecurity.com
5 months 2 weeks ago
Critics of South Korea's Coupang Dismiss Offer as Marketing More Than Compensation
After suffering a data breach that exposed personal data for two-thirds of South Korea' population, online retailer Coupang promised to distribute $1.2 billion in vouchers to "restore customer trust." But critics have accused the move of being more about marketing than true compensation.

Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government

The Hackers News
5 months 2 weeks ago
The Russia-aligned threat actor known as UAC-0184 has been observed targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives. "This organization has continued to conduct high-intensity intelligence gathering activities against Ukrainian military and government departments in 2025," the 360 Threat Intelligence Center said in
The Hacker News

CVE-2023-33661 | ChurchCRM 4.5.3 GroupReports.php GroupRole/ReportModel/OnlyCart cross site scripting (Issue 6474 / EUVD-2023-37817)

Vuldb Updates
5 months 2 weeks ago
A vulnerability marked as problematic has been reported in ChurchCRM 4.5.3. Affected is an unknown function of the file GroupReports.php. The manipulation of the argument GroupRole/ReportModel/OnlyCart leads to cross site scripting. This vulnerability is traded as CVE-2023-33661. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2023-33664 | ai-dev aicombinationsonfly up to 0.3.0 on PrestaShop /includes/ajax.php sql injection (EUVD-2023-37820)

Vuldb Updates
5 months 2 weeks ago
A vulnerability classified as critical has been found in ai-dev aicombinationsonfly up to 0.3.0 on PrestaShop. Affected is an unknown function of the file /includes/ajax.php. The manipulation leads to sql injection. This vulnerability is traded as CVE-2023-33664. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-33665 | ai-dev aitable up to 0.2.1 /includes/ajax.php sql injection (EUVD-2023-37821)

Vuldb Updates
5 months 2 weeks ago
A vulnerability labeled as critical has been found in ai-dev aitable up to 0.2.1. This affects an unknown part of the file /includes/ajax.php. The manipulation results in sql injection. This vulnerability is identified as CVE-2023-33665. The attack can only be performed from the local network. There is not any exploit available. The affected component should be upgraded.
vuldb.com

CVE-2023-33663 | ai-dev Module up to 0.2.0 on PrestaShop Customization sql injection (EUVD-2023-37819)

Vuldb Updates
5 months 2 weeks ago
A vulnerability categorized as critical has been discovered in ai-dev Module up to 0.2.0 on PrestaShop. This affects an unknown function. Executing a manipulation of the argument Customization can lead to sql injection. This vulnerability is tracked as CVE-2023-33663. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.
vuldb.com

CVE-2023-54279 | Linux Kernel up to 6.3.1 MIPS fw_getenv null pointer dereference (Nessus ID 281730 / WID-SEC-2025-2941)

Vuldb Updates
5 months 2 weeks ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.3.1. The impacted element is the function fw_getenv of the component MIPS. The manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2023-54279. The attack needs to be initiated within the local network. No exploit is available. You should upgrade the affected component.
vuldb.com

CVE-2022-50867 | Linux Kernel up to 6.0.6 adreno_show_object memory leak (Nessus ID 281731 / WID-SEC-2025-2941)

Vuldb Updates
5 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.0.6. It has been declared as critical. Affected by this issue is the function adreno_show_object. Such manipulation leads to memory leak. This vulnerability is traded as CVE-2022-50867. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-50857 | Linux Kernel up to 6.1.1 rio_register_mport allocation of resources (Nessus ID 281733 / WID-SEC-2025-2941)

Vuldb Updates
5 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.1.1. It has been classified as critical. Affected by this issue is the function rio_register_mport. Performing a manipulation results in allocation of resources. This vulnerability is cataloged as CVE-2022-50857. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2023-54192 | Linux Kernel up to 6.1.28/6.2.15/6.3.2 f2fs __replace_atomic_write_block null pointer dereference (Nessus ID 281732)

Vuldb Updates
5 months 2 weeks ago
A vulnerability has been found in Linux Kernel up to 6.1.28/6.2.15/6.3.2 and classified as critical. Impacted is the function __replace_atomic_write_block of the component f2fs. The manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2023-54192. The attack needs to be initiated within the local network. No exploit is available. The affected component should be upgraded.
vuldb.com

Managed ad