Qilin
You must login to view this content
Aggregator
CVE-2025-44137 | MapTiler Tileserver-php 2.0 GET Parameter tileserver.php renderTile TileMatrix/TileRow/TileCol/Format path traversal (Issue 167)
1 month 1 week ago
A vulnerability was found in MapTiler Tileserver-php 2.0. It has been rated as critical. This issue affects the function renderTile of the file tileserver.php of the component GET Parameter Handler. The manipulation of the argument TileMatrix/TileRow/TileCol/Format leads to path traversal.
The identification of this vulnerability is CVE-2025-44137. The attack may be initiated remotely. There is no exploit available.
vuldb.com
Insights from the SPARK Matrix™: Network Observability – Q3 2025 Report
1 month 1 week ago
There is more complexity in today’s network environments than ever before. This multivendor, hybrid/multicloud infrastructure, with applications hosted in private data centers, software-as-a-service (SaaS) and unified-communications-as-a-service (UCaaS) providers’ systems, and public cloud, all inter-connected by a...
Eileen Haggerty
CVE-2014-9194 | Arbiter Systems 1094B GPS Substation Clock data processing
1 month 1 week ago
A vulnerability has been found in Arbiter Systems 1094B GPS Substation Clock and classified as problematic. This vulnerability affects unknown code. The manipulation leads to data processing error.
This vulnerability was named CVE-2014-9194. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-27260 | IBM AIX/VIOS invscout Command unnecessary privileges (XFDB-283985)
1 month 1 week ago
A vulnerability, which was classified as critical, has been found in IBM AIX and VIOS. Affected by this issue is some unknown functionality of the component invscout Command Handler. The manipulation leads to execution with unnecessary privileges.
This vulnerability is handled as CVE-2024-27260. Attacking locally is a requirement. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2018-4301 | Apple Smart Card Services prior 201801 GemaltoKeyHandle.cpp stack-based overflow
1 month 1 week ago
A vulnerability was found in Apple Smart Card Services. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file GemaltoKeyHandle.cpp. The manipulation leads to stack-based buffer overflow.
This vulnerability is known as CVE-2018-4301. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-12755 | Avaya Spaces cross site scripting
1 month 1 week ago
A vulnerability, which was classified as problematic, was found in Avaya Spaces. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-12755. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-12756 | Avaya Spaces cross site scripting
1 month 1 week ago
A vulnerability was found in Avaya Spaces. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting.
This vulnerability is known as CVE-2024-12756. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-50062 | Oracle PeopleSoft Enterprise HCM Global Payroll Core 9.2.51/9.2.52 Global Payroll for Core improper authorization (EUVD-2025-21516)
1 month 1 week ago
A vulnerability was found in Oracle PeopleSoft Enterprise HCM Global Payroll Core 9.2.51/9.2.52 and classified as critical. This issue affects some unknown processing of the component Global Payroll for Core. The manipulation leads to improper authorization.
The identification of this vulnerability is CVE-2025-50062. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-30750 | Oracle Database Server up to 19.27/21.18/23.8 Unified Audit Component improper authorization (EUVD-2025-21529)
1 month 1 week ago
A vulnerability, which was classified as critical, was found in Oracle Database Server up to 19.27/21.18/23.8. Affected is an unknown function of the component Unified Audit Component. The manipulation leads to improper authorization.
This vulnerability is traded as CVE-2025-30750. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-30758 | Oracle Siebel CRM End User up to 25.5 User Interface information disclosure (EUVD-2025-21523)
1 month 1 week ago
A vulnerability was found in Oracle Siebel CRM End User up to 25.5. It has been classified as problematic. This affects an unknown part of the component User Interface. The manipulation leads to information disclosure.
This vulnerability is uniquely identified as CVE-2025-30758. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-30739 | Oracle CRM Technical Foundation up to 12.2.13 Preferences improper authorization (EUVD-2025-21538)
1 month 1 week ago
A vulnerability, which was classified as critical, has been found in Oracle CRM Technical Foundation up to 12.2.13. This issue affects some unknown processing of the component Preferences. The manipulation leads to improper authorization.
The identification of this vulnerability is CVE-2025-30739. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-30743 | Oracle Lease and Finance Management 12.2.13 Internal Operations authorization (EUVD-2025-21536)
1 month 1 week ago
A vulnerability classified as critical was found in Oracle Lease and Finance Management 12.2.13. This vulnerability affects unknown code of the component Internal Operations. The manipulation leads to incorrect authorization.
This vulnerability was named CVE-2025-30743. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-30745 | Oracle MES for Process Manufacturing 12.2.12/12.2.13 Device Integration cross-site request forgery
1 month 1 week ago
A vulnerability was found in Oracle MES for Process Manufacturing 12.2.12/12.2.13 and classified as critical. Affected by this issue is some unknown functionality of the component Device Integration. The manipulation leads to cross-site request forgery.
This vulnerability is handled as CVE-2025-30745. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-48795 | Apache CXF up to 3.5.10/3.6.5/4.0.6/4.1.0 resource consumption (EUVD-2025-21438 / Nessus ID 242260)
1 month 1 week ago
A vulnerability was found in Apache CXF up to 3.5.10/3.6.5/4.0.6/4.1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to resource consumption.
This vulnerability is known as CVE-2025-48795. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Android Banking Malware Masquerades as Government Agencies to Attack Users
1 month 1 week ago
Cyble Research and Intelligence Labs (CRIL) has uncovered a sophisticated Android banking trojan dubbed RedHook, which disguises itself as legitimate applications from Vietnamese government and financial institutions to deceive users. This malware, first observed in the wild around January 2025, exploits phishing websites mimicking entities like the State Bank of Vietnam, Sacombank, Central Power Corporation, […]
The post Android Banking Malware Masquerades as Government Agencies to Attack Users appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Russian airline Aeroflot grounds dozens of flights after cyberattack
1 month 1 week ago
Aeroflot, Russia's flag carrier, has suffered a cyberattack that resulted in the cancellation of more than 60 flights and severe delays on additional flights. [...]
Bill Toulas
Want To Detect Incidents Before It’s Too Late? You Need Threat Intelligence
1 month 1 week ago
The difference between a minor security incident and a devastating breach often comes down to one critical factor: how quickly you can detect and respond to a threat. Hackers rarely target an isolated business: they typically launch campaigns that hit multiple companies with similar tactics, techniques, and procedures (TTPs). This means, by the time an […]
The post Want To Detect Incidents Before It’s Too Late? You Need Threat Intelligence appeared first on Cyber Security News.
Balaji N
Beast New Threat Actor
1 month 1 week ago
You must login to view this content
cohenido
Порноместь: как сохранить свои сексуальные данные в безопасности и как действовать, если вы стали жертвой незаконного распространения интимной информации
1 month 1 week ago
Вы когда-нибудь отправляли своему партнеру откровенные фото или видео? А вы уверены, что они не попадут в чужие руки? К сожалению, в наше время это не такая уж редкость. Существует такое явление, как порноместь - когда кто-то выкладывает в интернете вашу интимную информацию без вашего разрешения. Это может быть ваш бывший любовник, который хочет отомстить вам за расставание; хакер, который взломал ваш компьютер или телефон; или просто злой человек, который нашел вашу фотку в сети и решил поиздеваться над вами.