Aggregator

CVE-2025-7293 | CADImage Plugin on IrfanView DXF File Parser memory corruption (EUVD-2025-22153)

Vuldb Updates
1 week 4 days ago
A vulnerability was found in CADImage Plugin on IrfanView. It has been declared as critical. This vulnerability affects unknown code of the component DXF File Parser. The manipulation leads to memory corruption. This vulnerability was named CVE-2025-7293. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-7298 | CADImage Plugin on IrfanView DXF File Parser out-of-bounds (EUVD-2025-22155)

Vuldb Updates
1 week 4 days ago
A vulnerability classified as critical was found in CADImage Plugin on IrfanView. This vulnerability affects unknown code of the component DXF File Parser. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2025-7298. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-7299 | CADImage Plugin on IrfanView DWG File Parser memory corruption (EUVD-2025-22162)

Vuldb Updates
1 week 4 days ago
A vulnerability was found in CADImage Plugin on IrfanView. It has been rated as critical. Affected by this issue is some unknown functionality of the component DWG File Parser. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2025-7299. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-7302 | CADImage Plugin on IrfanView DWG File Parser memory corruption (EUVD-2025-22187)

Vuldb Updates
1 week 4 days ago
A vulnerability classified as critical has been found in CADImage Plugin on IrfanView. This affects an unknown part of the component DWG File Parser. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2025-7302. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-37984 | Linux Kernel up to 6.14.4 crypto integer overflow (EUVD-2025-15868 / Nessus ID 240657)

Vuldb Updates
1 week 4 days ago
A vulnerability was found in Linux Kernel up to 6.14.4. It has been classified as problematic. This affects an unknown part of the component crypto. The manipulation leads to integer overflow. This vulnerability is uniquely identified as CVE-2025-37984. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

INC

Dark Feed IO
1 week 4 days ago

You must login to view this content

cohenido

INC

Dark Feed IO
1 week 4 days ago

You must login to view this content

cohenido

Patchwork Targets Turkish Defense Firms with Spear-Phishing Using Malicious LNK Files

The Hackers News
1 week 4 days ago
The threat actor known as Patchwork has been attributed to a new spear-phishing campaign targeting Turkish defense contractors with the goal of gathering strategic intelligence. "The campaign employs a five-stage execution chain delivered via malicious LNK files disguised as conference invitations sent to targets interested in learning more about unmanned vehicle systems," Arctic Wolf Labs said
The Hacker News

Microsoft Copilot Rooted to Gain Unauthorized Root Access to its Backend System

Cyber Security News
1 week 4 days ago

A critical security vulnerability has been discovered in Microsoft Copilot Enterprise, allowing unauthorized users to gain root access to its backend container. This vulnerability poses a significant risk, potentially allowing malicious users to manipulate system settings, access sensitive data, and compromise the application’s integrity. The issue originated from an April 2025 update that introduced a […]

The post Microsoft Copilot Rooted to Gain Unauthorized Root Access to its Backend System appeared first on Cyber Security News.

Guru Baran

15 Best Bandwidth Monitoring Tools in 2025

Cyber Security News
1 week 4 days ago

Bandwidth monitoring tools are essential for managing and optimizing network performance. These tools help IT administrators track and analyze network traffic, identify potential bottlenecks, and ensure efficient bandwidth utilization. By providing real-time data on network usage, bandwidth monitoring tools enable proactive management and quick resolution of issues that could impact network performance. They offer detailed […]

The post 15 Best Bandwidth Monitoring Tools in 2025 appeared first on Cyber Security News.

CISO Advisory

CVE-2025-0622 | Red Hat Enterprise Linux/OpenShift Container Platform command-gpg use after free (EUVD-2025-4773 / Nessus ID 216508)

Vuldb Updates
1 week 4 days ago
A vulnerability classified as critical was found in Red Hat Enterprise Linux and OpenShift Container Platform. Affected by this vulnerability is an unknown functionality of the component command-gpg. The manipulation leads to use after free. This vulnerability is known as CVE-2025-0622. The attack needs to be approached locally. There is no exploit available.
vuldb.com

CVE-2025-8133 | yanyutao0402 ChanCMS up to 3.1.2 gather.js getArticle targetUrl server-side request forgery (ICLP1K / EUVD-2025-22573)

Vuldb Updates
1 week 4 days ago
A vulnerability classified as critical has been found in yanyutao0402 ChanCMS up to 3.1.2. This affects the function getArticle of the file app/modules/api/service/gather.js. The manipulation of the argument targetUrl leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2025-8133. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-8135 | itsourcecode Insurance Management System 1.0 /updateAgent.php agent_id sql injection (EUVD-2025-22577)

Vuldb Updates
1 week 4 days ago
A vulnerability, which was classified as critical, has been found in itsourcecode Insurance Management System 1.0. This issue affects some unknown processing of the file /updateAgent.php. The manipulation of the argument agent_id leads to sql injection. The identification of this vulnerability is CVE-2025-8135. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-8139 | TOTOLINK A702R 4.0.0-B20230721.1521 HTTP POST Request /boafrm/formPortFw service_type buffer overflow (EUVD-2025-22581)

Vuldb Updates
1 week 4 days ago
A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It has been classified as critical. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-8139. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-8129 | KoaJS Koa up to 3.0.0 HTTP Header lib/response.js back Referrer redirect (Issue 1892 / EUVD-2025-22567)

Vuldb Updates
1 week 4 days ago
A vulnerability, which was classified as problematic, was found in KoaJS Koa up to 3.0.0. Affected is the function back in the library lib/response.js of the component HTTP Header Handler. The manipulation of the argument Referrer leads to open redirect. This vulnerability is traded as CVE-2025-8129. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad