Aggregator

A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-05-29, 0 days ago. The vendor is given until 2026-09-26 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2026-05-29, 0 days ago. The vendor is given until 2026-09-26 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A vulnerability classified as problematic has been found in Apple watchOS up to 5.2.1. This impacts an unknown function of the component libxslt. Performing a manipulation results in type confusion. This vulnerability was named CVE-2019-13118. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Apple macOS up to 10.14.5. The impacted element is an unknown function of the component libxslt. Executing a manipulation can lead to type confusion. The identification of this vulnerability is CVE-2019-13118. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability has been found in Apple tvOS up to 12.3 and classified as critical. This impacts an unknown function of the component libxslt. This manipulation causes type confusion. This vulnerability is handled as CVE-2019-13118. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in Apple iOS up to 12.3.2. Affected is an unknown function of the component libxslt. The manipulation leads to type confusion. This vulnerability is referenced as CVE-2019-13118. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.

A vulnerability marked as critical has been reported in Apple iCloud up to 7.12/10.5 on Windows. The impacted element is an unknown function of the component libxslt. The manipulation leads to type confusion. This vulnerability is referenced as CVE-2019-13118. Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability was found in Apple iTunes up to 12.9.5 on Windows. It has been declared as critical. This affects an unknown function of the component libxslt. Executing a manipulation can lead to type confusion. This vulnerability appears as CVE-2019-13118. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.2.2. Impacted is an unknown function of the file drivers/media/usb/dvb-usb/dvb-usb-init.c of the component USB Device Handler. The manipulation leads to use after free. This vulnerability is documented as CVE-2019-15213. It is possible to launch the attack on the physical device. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in SQLite up to 3.29.0. This impacts the function whereLoopAddBtreeIndex of the file sqlite3.c. Such manipulation leads to divide by zero. This vulnerability is listed as CVE-2019-16168. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in Oracle Communications Design Studio 7.3.4.3.0/7.3.5.5.0/7.4.0.4.0. It has been rated as critical. This vulnerability affects unknown code. Performing a manipulation results in divide by zero. This vulnerability is identified as CVE-2019-16168. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability categorized as critical has been discovered in Oracle Java SE 8u231. Affected is an unknown function of the component JavaFX. The manipulation results in divide by zero. This vulnerability is cataloged as CVE-2019-16168. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability labeled as critical has been found in Oracle Java SE 8u231. Affected by this issue is some unknown functionality of the component JavaFX. Such manipulation leads to type confusion. This vulnerability is documented as CVE-2019-13118. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

Evolution of the Adversarial Vector The Federal Bureau of Investigation recently issued an urgent advisory regarding the Silent Ransom Group. Notably, this sophisticated threat actor also operates under the corporate aliases Luna Moth, Chatty...

The post Physical Infiltration: The FBI Warns of Silent Ransom Group’s New Tactics appeared first on Information Security News.

蓝色起源的新格伦火箭在测试中发生爆炸根据直播画面，蓝色起源的新格伦巨型火箭刚刚在佛罗里达州卡纳维拉尔角的一个发射场进行测试时爆炸。蓝色起源随后证实了这次爆炸。杰夫·贝索斯的太空公司正在进行一次静态点火

Европейский орган выяснил, чья ненависть в интернете остается безнаказанной чаще всего.

In this Help Net Security video, Shankar Somasundaram, CEO at Asimily, explains how to build a risk-based vulnerability program. He notes that vulnerabilities are exploding by an order of magnitude in the age of AI-driven attacks, with one customer finding a thousand vulnerabilities for every one they knew about. Patching everything is not workable, and relying on CVSS scores fails because two-thirds of published CVEs are marked high risk. Shankar walks through a better approach. … More →

The post Building a risk-based vulnerability management program that scales appeared first on Help Net Security.

A vulnerability has been found in MediaWiki up to 1.36.1 and classified as problematic. Impacted is an unknown function of the component Special:Contributions. The manipulation leads to resource consumption. This vulnerability is referenced as CVE-2021-41800. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

A vulnerability, which was classified as critical, has been found in MaraDNS Deadwood up to 3.5.0021. The impacted element is an unknown function of the component Domain Name Handler. The manipulation leads to improper access controls. This vulnerability is referenced as CVE-2022-30256. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability categorized as problematic has been discovered in Technitium DNS Server up to 8.0.2. This impacts an unknown function of the component Domain Name Resolution Handler. Such manipulation leads to incorrectly-resolved name. This vulnerability is traded as CVE-2022-30257. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.