Aggregator
RedRays ABAP Code Analyzer: Open-Source Security Scanner for SAP ABAP
3 months ago
The ABAP Code Scanner is a powerful tool designed to analyze ABAP (Advanced Business Application Programming) code for potential security vulnerabilities, code quality issues, and best practice violations. This provides a flexible and extensible...
The post RedRays ABAP Code Analyzer: Open-Source Security Scanner for SAP ABAP appeared first on Penetration Testing Tools.
ddos
F5 Buys Startup Fletch to Automate Security With Agentic AI
3 months ago
Context-Driven Insights, Automation Fuel Faster, Clearer Decisions for Cyber Teams
With its acquisition of San Francisco-based startup Fletch, F5 is embedding agentic AI into its security platform to automate threat detection and response. The technology provides real-time context, filters irrelevant alerts and helps security teams prioritize urgent risks and mitigation tasks.
Dutch Minister Warns of Heightened Chinese Espionage Threats
3 months ago
Dutch Semiconductor Sector Among Chinese Targets
Chinese nation-state groups ramped up espionage campaigns against Dutch critical infrastructure in recent months, said a state official who added that discussions are underway in the European Union on how to minimize Chinese threats.
Flaw in Cisco Wireless LAN Controller Raises Exploit Fears
3 months ago
Researchers in Proof of Concept Show Exploit Potential for Widely Used Software
Technical details for a recently patched maximum-severity vulnerability in Cisco IOS XE reveal how hackers can enable remote code execution if the flaw is exploited. The vulnerability is an arbitrary file upload triggered by a hardcoded JSON Web Token.
Trump Homeland Security Budget Guts CISA Staff, Key Programs
3 months ago
DHS Budget Proposal Reduces CISA’s Operational Core Amid Growing Global Threats
The Trump administration’s 2026 Homeland Security Department budget would cut $500 million from the Cybersecurity and Infrastructure Security Agency, eliminating over a third of its staff and gutting key programs central to federal cybersecurity and private sector engagement efforts.
Data Masking? How Is It Done? This One Article Is All You Need
3 months ago
Ensure that sensitive information is properly protected at every stage: storage, processing, transmission, and display.
Daily Dose of Dark Web Informer - 2nd of June 2025
3 months ago
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Dark Web Informer - Cyber Threat Intelligence
Threat Attack Daily - 2nd of June 2025
3 months ago
Dark Web Informer - Cyber Threat Intelligence
Interlock
3 months ago
cohenido
CVE-2025-5367 | PHPGurukul Online Shopping Portal Project 1.0 /category.php Product sql injection
3 months ago
A vulnerability was found in PHPGurukul Online Shopping Portal Project 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument Product leads to sql injection.
This vulnerability was named CVE-2025-5367. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-5368 | PHPGurukul Daily Expense Tracker System 1.1 expense-yearwise-reports-detailed.php todate sql injection
3 months ago
A vulnerability was found in PHPGurukul Daily Expense Tracker System 1.1. It has been rated as critical. This issue affects some unknown processing of the file /expense-yearwise-reports-detailed.php. The manipulation of the argument todate leads to sql injection.
The identification of this vulnerability is CVE-2025-5368. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-5369 | SourceCodester PHP Display Username After Login 1.0 /login.php sql injection
3 months ago
A vulnerability classified as critical has been found in SourceCodester PHP Display Username After Login 1.0. Affected is an unknown function of the file /login.php. The manipulation of the argument Username leads to sql injection.
This vulnerability is traded as CVE-2025-5369. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-5016 | Relevanssi Plugin on WordPress Excerpt Highlights cross site scripting
3 months ago
A vulnerability, which was classified as problematic, has been found in Relevanssi Plugin on WordPress. This issue affects some unknown processing of the component Excerpt Highlights Handler. The manipulation leads to cross site scripting.
The identification of this vulnerability is CVE-2025-5016. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-5370 | PHPGurukul News Portal 4.1 forgot-password.php Username sql injection
3 months ago
A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument Username leads to sql injection.
This vulnerability is known as CVE-2025-5370. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-4672 | Offsprout Page Builder Plugin up to 2.15.2 on WordPress permission_callback improper authorization
3 months ago
A vulnerability, which was classified as critical, has been found in Offsprout Page Builder Plugin up to 2.15.2 on WordPress. This issue affects the function permission_callback. The manipulation leads to improper authorization.
The identification of this vulnerability is CVE-2025-4672. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-4631 | Profitori Plugin up to 2.0.6.0/2.1.1.3 on WordPress save_object_as_user meta authorization
3 months ago
A vulnerability, which was classified as critical, was found in Profitori Plugin up to 2.0.6.0/2.1.1.3 on WordPress. Affected is the function save_object_as_user. The manipulation of the argument meta leads to missing authorization.
This vulnerability is traded as CVE-2025-4631. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-4607 | PSW Front-end Login & Registration Plugin up to 1.12 on WordPress customer_registration password recovery
3 months ago
A vulnerability has been found in PSW Front-end Login & Registration Plugin up to 1.12 on WordPress and classified as problematic. Affected by this vulnerability is the function customer_registration. The manipulation leads to weak password recovery.
This vulnerability is known as CVE-2025-4607. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-4103 | WP-GeoMeta Plugin 0.3.4/0.3.5 on WordPress wp_ajax_wpgm_start_geojson_import authorization
3 months ago
A vulnerability was found in WP-GeoMeta Plugin 0.3.4/0.3.5 on WordPress and classified as critical. Affected by this issue is the function wp_ajax_wpgm_start_geojson_import. The manipulation leads to missing authorization.
This vulnerability is handled as CVE-2025-4103. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-5292 | Element Pack Addons for Elementor Plugin up to 5.11.2 on WordPress marker_content cross site scripting
3 months ago
A vulnerability was found in Element Pack Addons for Elementor Plugin up to 5.11.2 on WordPress. It has been classified as problematic. This affects the function marker_content. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2025-5292. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com