Aggregator

CVE-2025-54453 | Samsung Electronics MagicINFO 9 Server 21.1050/21.1052 path traversal (EUVD-2025-22433)

Vuldb Updates
4 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052. This issue affects some unknown processing. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2025-54453. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-54448 | Samsung Electronics MagicINFO 9 Server 21.1050/21.1052 unrestricted upload (EUVD-2025-22432)

Vuldb Updates
4 months 2 weeks ago
A vulnerability was found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2025-54448. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Hackers Exploiting SAP NetWeaver Vulnerability to Deploy Auto-Color Linux Malware

Cyber Security News
4 months 2 weeks ago

A sophisticated cyberattack targeting a US-based chemicals company has revealed the first observed pairing of SAP NetWeaver exploitation with Auto-Color malware, demonstrating how threat actors are leveraging critical vulnerabilities to deploy advanced persistent threats on Linux systems.  In April 2025, cybersecurity firm Darktrace successfully detected and contained an attack that exploited CVE-2025-31324, a critical vulnerability […]

The post Hackers Exploiting SAP NetWeaver Vulnerability to Deploy Auto-Color Linux Malware appeared first on Cyber Security News.

Florence Nightingale

regdict – 可能是 Wordle 最佳外挂:带“正则”的开源英语词典

不安全
4 months 2 weeks ago
文章介绍了开源英语词典 regdict 的功能和使用方法。它支持正则表达式风格的查询规则(如 . 匹配任意字母、+ 匹配一个或多个字母等),特别适合用于 Wordle 游戏中的单词搜索和筛选。用户可通过多种规则(如前缀、后缀、长度、或查询)快速缩小候选词范围,并结合实际案例展示了如何利用 regdict 解决 Wordle 谜题。

CVE-2025-54446 | Samsung Electronics MagicINFO 9 Server 21.1050/21.1052 path traversal (EUVD-2025-22430)

Vuldb Updates
4 months 2 weeks ago
A vulnerability classified as critical has been found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052. This affects an unknown part. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2025-54446. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-52735 | Linux Kernel up to 5.15.94/6.1.12 sock_map_close/sock_map_destroy/sock_map_unhash stack-based overflow (f312367f5246/749985988148/5b4a79ba65a1 / EUVD-2023-59454)

Vuldb Updates
4 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.15.94/6.1.12. Affected is the function sock_map_close/sock_map_destroy/sock_map_unhash. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2023-52735. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Enterprise LLMs Under Risk: How Simple Prompts Can Lead to Major Breaches

Cyber Security News
4 months 2 weeks ago

Enterprise applications integrating Large Language Models (LLMs) face unprecedented security vulnerabilities that can be exploited through deceptively simple prompt injection attacks.  Recent security assessments reveal that attackers can bypass authentication systems, extract sensitive data, and execute unauthorized commands using nothing more than carefully crafted natural language queries.  Key Takeaways1. Simple prompts can trick LLMs into […]

The post Enterprise LLMs Under Risk: How Simple Prompts Can Lead to Major Breaches appeared first on Cyber Security News.

Florence Nightingale

印度对美智能手机出货量首次超过中国

Solidot
4 months 2 weeks ago
根据 Canalys 的数据,二季度(4-6 月)印度对美智能手机出货量首次超过中国(44% 对 25%)。美国智能手机出货量在 2025 年第二季度增长了 1%。与中国关税谈判结果的不确定性加速了供应链的重新定位。美国智能手机在中国组装的出货量份额从 2024 年第二季度的 61% 缩减至 2025 年第二季度的 25%。这种下降的大部分是由印度承担的;“印度制造”智能手机的总销量同比增长 240%,目前占美国进口智能手机的 44%,高于 2024 年第二季度仅占智能手机出货量的 13%。第二季度,iPhone 出货量同比下降 11% 至 1330 万部,三星出货量同比增长 38% 达到 830 万台,摩托罗拉增长 2% 至 320 万台。Google 和 TCL 跻身前五名,Google 增长 13% 至 80 万台,TCL 下降23% 出货量为 70 万台。

Microsoft Details Defence Techniques Against Indirect Prompt Injection Attacks

Cyber Security News
4 months 2 weeks ago

Microsoft has unveiled a comprehensive defense-in-depth strategy to combat indirect prompt injection attacks, one of the most significant security threats facing large language model (LLM) implementations in enterprise environments.  The company’s multi-layered approach combines preventative techniques, detection tools, and impact mitigation strategies to protect against attackers who embed malicious instructions within external data sources that […]

The post Microsoft Details Defence Techniques Against Indirect Prompt Injection Attacks appeared first on Cyber Security News.

Florence Nightingale

CVE-2025-48932 | Invision Community up to 4.7.20 calendar/view.php location sql injection

VulDB Recent Entries
4 months 2 weeks ago
A vulnerability was found in Invision Community up to 4.7.20. It has been declared as critical. This vulnerability affects unknown code of the file calendar/view.php. The manipulation of the argument location leads to sql injection. This vulnerability was named CVE-2025-48932. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Opera 指控微软使用反竞争策略推广自家浏览器 Edge

Solidot
4 months 2 weeks ago
Opera 周二向巴西反垄断机构 CADE 提起诉讼,指控微软给予自家 Edge 浏览器相对于竞争对手的不公平优势。Opera 称微软在所有 Windows 设备上预装 Edge,将其设为默认浏览器,阻止竞争对手靠产品优势进行竞争。Opera 总法律顾问 Aaron McParlan 表示微软将 Opera 等浏览器排除在预装之外,阻碍用户下载其它浏览器。Opera 称自己是巴西第三大受欢迎 PC 浏览器,希望 CADE 对微软展开调查,要求微软确保公平竞争。

Managed ad