Aggregator

A vulnerability, which was classified as problematic, has been found in Adrian Moreno WP Lyrics Plugin up to 0.4.1 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2025-23533. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Stepan Stepasyuk MemeOne Plugin up to 2.0.5 on WordPress. This affects an unknown part. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2025-23559. It is possible to initiate the attack remotely. There is no exploit available.

Цифровые бастионы рушатся под натиском теневых потоков трафика.

A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file endpoint/update.php. The manipulation leads to unrestricted upload. This vulnerability is known as CVE-2025-1166. The attack can be launched remotely. Furthermore, there is an exploit available.

Artificial Intelligence (AI) is transforming industries by automating tasks, improving decision-making, and enhancing cybersecurity. However, AI models are increasingly being targeted by adversarial attacks, which can manipulate or compromise their integrity. The protection of sensitive data along with trust maintenance and accurate decision-making demands the establishment of AI security. This blog investigates AI security while […]

The post White Box Testing in 2025: A Complete Guide to Techniques, Tools, and Best Practices first appeared on StrongBox IT.

The post White Box Testing in 2025: A Complete Guide to Techniques, Tools, and Best Practices appeared first on Security Boulevard.

Submit #494567 / VDB-295069

A vulnerability, which was classified as critical, was found in Lumsoft ERP 8. Affected is the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument file leads to unrestricted upload. This vulnerability is traded as CVE-2025-1165. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

爆竹行动：这个年就在公司跟“大模型们”一起过了，全组人员放弃春节休假时间，说干就干，全面投入大模型测评工作。

勒索软件支付在2024年下降了35％

A vulnerability, which was classified as problematic, has been found in code-projects Police FIR Record Management System 1.0. This issue affects some unknown processing of the component Add Record Handler. The manipulation leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2025-1164. Local access is required to approach this attack. Furthermore, there is an exploit available.

The Tor Project has officially launched Tor Browser 14.0.6, addressing a critical crash issue affecting users on older macOS systems. This latest update incorporates several technical improvements, ensuring enhanced stability and performance across platforms. Tor Browser is built on Firefox ESR (Extended Support Release) and incorporates advanced privacy features such as onion routing, tracker blocking, […]

The post Tor Browser 14.0.6 Released, What’s New! appeared first on Cyber Security News.

Submit #494517 / VDB-295068

Submit #494516 / VDB-295068

A vulnerability classified as critical was found in code-projects Vehicle Parking Management System 1.0. This vulnerability affects the function login of the component Authentication. The manipulation of the argument username leads to stack-based buffer overflow. This vulnerability was named CVE-2025-1163. An attack has to be approached locally. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /\_parse/load\_user-profile.php. The manipulation of the argument userhash leads to sql injection. This vulnerability is uniquely identified as CVE-2025-1162. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #494009 / VDB-295067

新厂商上线！速速围观~

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument username/password leads to use of default credentials. This vulnerability is handled as CVE-2025-1160. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #494008 / VDB-295066

A vulnerability was found in CampCodes School Management Software 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /academic-calendar. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-1159. The attack can be launched remotely. Furthermore, there is an exploit available.