Aggregator

Defensie versterkt de capaciteiten om drones te bestrijden. De organisatie schaft hiervoor 22 mobiele anti-drone kanonsystemen aan. Defensie hoopt de contracten snel te ondertekenen. Als dat lukt zijn de eerste nieuwe systemen mogelijk in 2028 binnen. Dat meldt staatssecretaris Gijs Tuinman vandaag.

今日暂未更新资讯~
更多最新文章，请访问SecWiki

2025-01-22期刊征文-暗网抑制前沿进展  ourren || discuss

A vulnerability classified as problematic has been found in Twig up to 3.18.x. This affects an unknown part of the component ?? Operator Handler. The manipulation leads to injection. This vulnerability is uniquely identified as CVE-2025-24374. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in snowflakedb pdo_snowflake up to 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to signed to unsigned conversion error. This vulnerability is handled as CVE-2025-24792. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in needyamin Library Card System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file signup.php of the component Registration Page. The manipulation of the argument firstname/lastname/email/borrow/user_address leads to cross site scripting. This vulnerability is known as CVE-2025-0844. The attack can be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability was found in needyamin Library Card System 1.0. It has been classified as critical. Affected is an unknown function of the file admindashboard.php of the component Admin Panel. The manipulation of the argument email/password leads to sql injection. This vulnerability is traded as CVE-2025-0843. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in needyamin Library Card System 1.0 and classified as critical. This issue affects some unknown processing of the file admin.php of the component Login. The manipulation of the argument email/password leads to sql injection. The identification of this vulnerability is CVE-2025-0842. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #485558 / VDB-294001

Submit #485553 / VDB-294000

Submit #485540 / VDB-293999

A vulnerability has been found in Aridius XYZ up to 20240927 on OpenCart and classified as critical. This vulnerability affects the function loadMore of the component News. The manipulation leads to deserialization. This vulnerability was named CVE-2025-0841. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

The most recent update for Windows 11 24H2, identified as KB5050009, has caused various kinds of technical issues for users, affecting critical functionalities like audio, Bluetooth, USB devices, and webcams. Released earlier this month, the update was intended to enhance system stability and introduce new features but has instead left many users grappling with broken […]

The post Windows 11 24H2 Update Breaks Web camera, Audio, & USB appeared first on Cyber Security News.

A ransomware attack on a large healthcare network in Maryland has forced officials to shut off IT s

Submit #485445 / VDB-293998

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-0840. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Submit #485255 / VDB-293997

The state-sponsored threat actors are increasingly exploiting Google’s AI-powered assistant, Gemini, to enhance their cyber operations.  While generative AI tools like Gemini hold immense potential for innovation and productivity, their misuse by advanced persistent threat (APT) groups and information operations (IO) actors underscores the dual-use nature of such technologies. Google’s Threat Intelligence Group (GTIG) has […]

The post State-sponsored Actors Abusing Gemini to Fuel Cyber Attacks appeared first on Cyber Security News.

A vulnerability, which was classified as problematic, has been found in MIT Kerberos 5 1.7. Affected by this issue is some unknown functionality of the file kadmind of the component Incremental Propagation. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2025-24528. The attack needs to be done within the local network. There is no exploit available.