Aggregator

CVE-2025-6733 | UTT HiPER 840G up to 3.1.1-190328 API formConfigDnsFilterGlobal sub_416928 GroupName buffer overflow (EUVD-2025-19245)

Vuldb Updates
5 months 2 weeks ago
A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been declared as critical. This vulnerability affects the function sub_416928 of the file /goform/formConfigDnsFilterGlobal of the component API. The manipulation of the argument GroupName leads to buffer overflow. This vulnerability was named CVE-2025-6733. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6734 | UTT HiPER 840G up to 3.1.1-190328 API formP2PLimitConfig sub_484E40 except buffer overflow (EUVD-2025-19243)

Vuldb Updates
5 months 2 weeks ago
A vulnerability was found in UTT HiPER 840G up to 3.1.1-190328. It has been rated as critical. This issue affects the function sub_484E40 of the file /goform/formP2PLimitConfig of the component API. The manipulation of the argument except leads to buffer overflow. The identification of this vulnerability is CVE-2025-6734. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6735 | juzaweb CMS 3.4.2 Import Page /admin-cp/imports improper authorization (EUVD-2025-19248)

Vuldb Updates
5 months 2 weeks ago
A vulnerability classified as critical has been found in juzaweb CMS 3.4.2. Affected is an unknown function of the file /admin-cp/imports of the component Import Page. The manipulation leads to improper authorization. This vulnerability is traded as CVE-2025-6735. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6736 | juzaweb CMS 3.4.2 Add New Themes Page /admin-cp/theme/install improper authorization (EUVD-2025-19247)

Vuldb Updates
5 months 2 weeks ago
A vulnerability classified as critical was found in juzaweb CMS 3.4.2. Affected by this vulnerability is an unknown functionality of the file /admin-cp/theme/install of the component Add New Themes Page. The manipulation leads to improper authorization. This vulnerability is known as CVE-2025-6736. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6738 | huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a UserServiceImpl.java userDao.selectUserByUserNameLike Username sql injection (EUVD-2025-19246)

Vuldb Updates
5 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in huija bicycleSharingServer up to 7b8a3ba48ad618604abd4797d2e7cf3b5ac7625a. Affected by this issue is the function userDao.selectUserByUserNameLike of the file UserServiceImpl.java. The manipulation of the argument Username leads to sql injection. This vulnerability is handled as CVE-2025-6738. The attack may be launched remotely. Furthermore, there is an exploit available. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
vuldb.com

CVE-2025-3699 | Mitsubishi Electric G-50 missing authentication (EUVD-2025-19244)

Vuldb Updates
5 months 2 weeks ago
A vulnerability has been found in Mitsubishi Electric G-50, G-50-W, G-50A, GB-50, GB-50A, GB-24A, G-150AD, AG-150A-A, AG-150A-J, GB-50AD, GB-50ADA-A, GB-50ADA-J, EB-50GU-A, EB-50GU-J, AE-200J, AE-200A, AE-200E, AE-50J, AE-50A, AE-50E, EW-50J, EW-50A, EW-50E, TE-200A, TE-50A, TW-50A and CMS-RMD-J and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authentication. This vulnerability is known as CVE-2025-3699. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025

Security Boulevard
5 months 2 weeks ago

What you need to know about SCA tools Quick Answer: The top SCA tools in 2025 are Mend.io (best for automated remediation and proactive SCA), Sonatype Lifecycle (known for enterprise policy management), Snyk (known for developer experience), and Checkmarx SCA (known for comprehensive coverage). According to industry reports, organizations using SCA tools can reduce vulnerability […]

The post Best Software Composition Analysis (SCA) Tools: Top 6 Solutions in 2025 appeared first on Security Boulevard.

Mend.io Team

Evaluating AI Solutions for the SOC: Why Centralized Autonomy Outperforms Agentic AI

Security Boulevard
5 months 2 weeks ago

Compare centralized autonomous SOC engines like Morpheus against agentic AI solutions. Learn why unified control beats agent swarms.

The post Evaluating AI Solutions for the SOC: Why Centralized Autonomy Outperforms Agentic AI appeared first on D3 Security.

The post Evaluating AI Solutions for the SOC: Why Centralized Autonomy Outperforms Agentic AI appeared first on Security Boulevard.

Alex MacLachlan

Qilin

Dark Feed IO
5 months 2 weeks ago

You must login to view this content

cohenido

Managed ad