Aggregator

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. Affected by this vulnerability is the function mr_mfc_uses_dev of the component ipmr. The manipulation leads to state issue. This vulnerability is uniquely identified as CVE-2025-21719. The attack can only be initiated within the local network. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. This affects an unknown part. The manipulation results in use after free. This vulnerability is known as CVE-2025-21718. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.

美国保守派不喜欢现在的维基百科：他们打造了保守派自己的在线百科全书 Conservapedia，但根本没人看；共和党人坚称维基百科存在自由主义偏见，要求运营维基百科的非盈利组织维基媒体基金会给出解释，称要对潜在的平台操纵展开调查；马斯克（Elon Musk）表示将会推出 AI 驱动的百科全书替代 Grokipedia。参与创建维基百科的联合创始人 Larry Sanger 很早就离开了该平台，他如今皈依基督教，2024 年投票给了特朗普，拥抱 MAGA，目前正致力于招募保守派人士去积极编辑维基百科条目。

A vulnerability, which was classified as critical, has been found in Tenda O3 1.0.0.10(2478). This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing manipulation of the argument enable results in stack-based buffer overflow. This vulnerability was named CVE-2025-12214. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability classified as critical was found in Tenda O3 1.0.0.10(2478). This vulnerability affects the function SetValue/GetValue of the file /goform/setVlanConfig. Such manipulation of the argument lan leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-12213. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability classified as critical has been found in Tenda O3 1.0.0.10(2478). This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. This vulnerability is handled as CVE-2025-12212. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability described as critical has been identified in Tenda O3 1.0.0.10(2478). Affected by this issue is the function SetValue/GetValue of the file /goform/setDmzInfo. The manipulation of the argument dmzIP results in stack-based buffer overflow. This vulnerability is known as CVE-2025-12211. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability marked as critical has been reported in Tenda O3 1.0.0.10(2478). Affected by this vulnerability is the function SetValue/GetValue of the file /goform/AdvSetLanip. The manipulation of the argument lanIp leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-12210. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability labeled as critical has been found in Tenda O3 1.0.0.10(2478). Affected is the function SetValue/GetValue of the file /goform/setDhcpConfig. Executing manipulation of the argument dhcpEn can lead to stack-based buffer overflow. This vulnerability appears as CVE-2025-12209. The attack may be performed from remote. In addition, an exploit is available.

Новый проект описывает, как действовать от первых измерений до объявления через ООН.

伪装成顺丰天工实验室招聘信息钓鱼样本分析

Submit #673269 / VDB-329884

Submit #673268 / VDB-329883

Submit #673267 / VDB-329882

Submit #673265 / VDB-329881

Submit #673264 / VDB-329880

Submit #673263 / VDB-329879

A vulnerability identified as critical has been detected in SourceCodester Best House Rental Management System 1.0. This impacts the function login2 of the file /admin_class.php. Performing manipulation of the argument Username results in sql injection. This vulnerability is reported as CVE-2025-12208. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability categorized as problematic has been discovered in Kamailio 5.5. This affects the function yyerror_at of the file src/core/cfg.y of the component Grammar Rule Handler. Such manipulation leads to null pointer dereference. This vulnerability is documented as CVE-2025-12207. The attack needs to be performed locally. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.