Aggregator

ASUS has disclosed a high security vulnerability in its MyASUS application that could allow local attackers to escalate their privileges to SYSTEM-level access on affected Windows devices. The flaw, tracked as CVE-2025-59373, carries a high-severity CVSS 4.0 score of 8.5, indicating a significant risk to millions of ASUS computer users worldwide. Vulnerability Overview The security […]

The post ASUS MyASUS Flaw Lets Hackers Escalate to SYSTEM-Level Access appeared first on Cyber Security News.

搞过应用安全的朋友大概率都踩过这样一个痛点：面对分布式微服务架构，传统SAST工具早已经显得力不从心。一个用户请求从前端发起，经中间层路由至后端服务集群，需要穿透多个微服务节点；而污点数据会通过RES

Ashlar-Vellumが提供する複数の製品には、複数の脆弱性が存在します。

Rockwell Automationが提供するArena Simulationには、スタックベースのバッファオーバーフローの脆弱性が存在します。

Zenitelが提供するTCIV-3+には、複数の脆弱性が存在します。

Opto 22が提供するgroov Viewには、メタデータによる機微な情報の漏えいの脆弱性が存在します。

Festoが提供する複数の製品には、複数の脆弱性が存在します。

SiRcomが提供するSMART Alert (SiSA)には、重要な機能に対する認証の欠如の脆弱性が存在します。

The U.S. Federal Bureau of Investigation (FBI) has warned that cybercriminals are impersonating financial institutions with an aim to steal money or sensitive information to facilitate account takeover (ATO) fraud schemes. The activity targets individuals, businesses, and organizations of varied sizes and across sectors, the agency said, adding the fraudulent schemes have led to more than $262

The U.S. Federal Bureau of Investigation (FBI) has warned that cybercriminals are impersonating fin

如果你想知道下一代 AI 产品会长成什么样，不妨从这里开始。

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 53.x. This affects an unknown function of the component Graphite2 Library. Performing manipulation results in out-of-bounds read. This vulnerability is known as CVE-2017-7778. Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Mozilla Firefox up to 53.x. This issue affects some unknown processing of the component Unicode Character Handler. Executing manipulation can lead to improper input validation. This vulnerability is tracked as CVE-2017-7764. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability identified as critical has been detected in Mozilla Firefox up to 53.x. Impacted is an unknown function of the component Mark of the Web Handler. The manipulation leads to 7pk security features. This vulnerability is listed as CVE-2017-7765. The attack may be initiated remotely. There is no available exploit. You should upgrade the affected component.

A vulnerability labeled as problematic has been found in Mozilla Firefox up to 53.x on Windows. The affected element is an unknown function of the component Updater/Maintenance Service. The manipulation results in improper access controls. This vulnerability is cataloged as CVE-2017-7766. The attack must be initiated from a local position. There is no exploit available. The affected component should be upgraded.

A vulnerability marked as problematic has been reported in Mozilla Firefox up to 53.x on Windows. The impacted element is an unknown function of the component Updater/Maintenance Service. This manipulation causes improper access controls. This vulnerability is registered as CVE-2017-7767. The attack needs to be launched locally. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability described as problematic has been identified in Mozilla Firefox up to 53.x on Windows. This affects an unknown function of the component Updater/Maintenance Service. Such manipulation leads to information disclosure (File). This vulnerability is documented as CVE-2017-7768. The attack needs to be performed locally. There is not any exploit available. Upgrading the affected component is recommended.