Aggregator

Submit #673708 / VDB-329901

Submit #673707 / VDB-329900

Submit #673706 / VDB-329899

Submit #673705 / VDB-329898

A vulnerability described as critical has been identified in Tenda AC6 15.03.06.50. This issue affects some unknown processing of the file /goform/WifiGuestSet of the component HTTP Request Handler. Such manipulation of the argument shareSpeed leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-12225. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #673704 / VDB-329897

Submit #673611 / VDB-329896

Submit #673547 / VDB-329895

Submit #673589 / VDB-320803

Submit #673587 / VDB-314554

Submit #673585 / VDB-314780

Submit #673584 / VDB-254453

Submit #673583 / VDB-314188

Submit #673582 / VDB-290862

Встроенные сенсоры различают твёрдость и текстуру предметов и помогают выполнять тонкие операции.

OpenAI’s newly launched ChatGPT Atlas browser, designed to blend AI assistance with web navigation, faces a serious security flaw that allows attackers to jailbreak the system by disguising malicious prompts as harmless URLs. This vulnerability exploits the browser’s omnibox, a combined address and search bar that interprets inputs as either navigation commands or natural-language prompts […]

The post OpenAI ChatGPT Atlas Browser Jailbroken to Disguise Malicious Prompt as URLs appeared first on Cyber Security News.

Cybersecurity researchers are sounding the alarm after discovering that hackers are actively exploiting a critical remote code execution (RCE) vulnerability in Microsoft’s Windows Server Update Services (WSUS). The flaw, tracked as CVE-2025-59287, allows unauthenticated attackers to run arbitrary code on vulnerable servers, and evidence suggests that these attacks are being carried out manually, a technique […]

The post CISA Beware! Hackers Are Actively Exploiting Windows Server Update Services RCE Flaw in the Wild appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability marked as problematic has been reported in Iqbolshoh php-business-website up to 10677743a8dfc281f85291a27cf63a0bce043c24. This vulnerability affects unknown code of the file admin/contact.php. This manipulation of the argument twitter causes cross site scripting. This vulnerability appears as CVE-2025-12224. The attack may be initiated remotely. In addition, an exploit is available. This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability labeled as critical has been found in Bdtask Flight Booking Software up to 3.1. This affects an unknown part of the file /b2c/package-information of the component Package Information Module. The manipulation results in unrestricted upload. This vulnerability is reported as CVE-2025-12223. The attack can be launched remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability identified as critical has been detected in Bdtask Flight Booking Software up to 3.1. Affected by this issue is some unknown functionality of the file /admin/transaction/deposit of the component Deposit Handler. The manipulation leads to unrestricted upload. This vulnerability is documented as CVE-2025-12222. The attack can be initiated remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.