Aggregator

CVE-2025-8160 | Tenda AC20 up to 16.03.08.12 httpd /goform/SetSysTimeCfg timeZone buffer overflow (EUVD-2025-22705)

1 month 1 week ago

A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/SetSysTimeCfg of the component httpd. The manipulation of the argument timeZone leads to buffer overflow. This vulnerability is traded as CVE-2025-8160. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

vuldb.com

Конец эпохи композиторов — ИИ нанёс смертельный удар по живой музыке

Securitylab.ru

1 month 1 week ago

Новые мелодии без чувств. Но слушатели замирают, как на концерте Шопена.

Intruder Open Sources Tool for Testing API Security

Security Boulevard

1 month 1 week ago

Intruder this week made available an open-source tool that scans application programming interfaces (APIs) for broken authorization vulnerabilities.

The post Intruder Open Sources Tool for Testing API Security appeared first on Security Boulevard.

Michael Vizard

Akira

Dark Feed IO

1 month 1 week ago

You must login to view this content

cohenido

Akira

Dark Feed IO

1 month 1 week ago

You must login to view this content

cohenido

CVE-2025-41240

CVE Trends

1 month 1 week ago

Currently trending CVE - Hype Score: 7 - Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path (/opt/bitnami/*/secrets) that is located within the web server document root. In affected versions, this can lead to unauthenticated access to sensitive credentials via HTTP/S. A remote attacker could ...

10 Best API Monitoring Tools in 2025

Cyber Security News

1 month 1 week ago

API monitoring tools ensure the performance, availability, and reliability of application programming interfaces (APIs) that connect different software systems. These tools continuously track and analyze API requests and responses to detect slow response times, errors, and downtime. By providing real-time insights, alerts, and detailed analytics, API monitoring tools help developers and IT teams identify and […]

The post 10 Best API Monitoring Tools in 2025 appeared first on Cyber Security News.

CISO Advisory

CVE-2025-7909 | D-Link DIR-513 1.0 Boa Webserver formLanSetupRouterSettings sprintf curTime stack-based overflow (EUVD-2025-22042)

Vuldb Updates

1 month 1 week ago

A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. Affected by this issue is the function sprintf of the file /goform/formLanSetupRouterSettings of the component Boa Webserver. The manipulation of the argument curTime leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2025-7909. The attack may be launched remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2025-7910 | D-Link DIR-513 1.10 Boa Webserver formSetWanNonLogin sprintf curTime stack-based overflow (EUVD-2025-22041)

Vuldb Updates

1 month 1 week ago

A vulnerability classified as critical has been found in D-Link DIR-513 1.10. This affects the function sprintf of the file /goform/formSetWanNonLogin of the component Boa Webserver. The manipulation of the argument curTime leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is uniquely identified as CVE-2025-7910. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2025-37106 | HPE AutoPass License Server up to 9.17 improper authentication (EUVD-2025-21733)

Vuldb Updates

1 month 1 week ago

A vulnerability was found in HPE AutoPass License Server up to 9.17. It has been classified as critical. This affects an unknown part. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2025-37106. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-37107 | HPE AutoPass License Server up to 9.17 improper authentication (EUVD-2025-21732)

Vuldb Updates

1 month 1 week ago

A vulnerability was found in HPE AutoPass License Server up to 9.17. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to improper authentication. This vulnerability was named CVE-2025-37107. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-51767 | HPE AutoPass License Server improper authentication (ZDI-24-1631 / EUVD-2024-54782)

Vuldb Updates

1 month 1 week ago

A vulnerability, which was classified as critical, has been found in HPE AutoPass License Server. This issue affects some unknown processing. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2024-51767. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-51769 | HPE AutoPass License Server sql injection (ZDI-24-1633 / EUVD-2024-54780)

Vuldb Updates

1 month 1 week ago

A vulnerability, which was classified as critical, was found in HPE AutoPass License Server. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is traded as CVE-2024-51769. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-51770 | HPE AutoPass License Server xml external entity reference (ZDI-24-1634 / EUVD-2024-54783)

Vuldb Updates

1 month 1 week ago

A vulnerability has been found in HPE AutoPass License Server and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to xml external entity reference. This vulnerability is known as CVE-2024-51770. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Conti → Royal → BlackSuit → Chaos? Правоохранители провели Checkmate — инфраструктура демонтирована, утечки‑площадки закрыты, на месте — баннеры о конфискации

Securitylab.ru

1 month 1 week ago

Спецслужбы пяти стран объединились против наследников легендарного преступного синдиката.

SecWiki News 2025-07-25 Review

SecWiki News(国内外安全资讯)

1 month 1 week ago

今日暂未更新资讯~
更多最新文章，请访问SecWiki

Wayback 0.1 释出

Solidot

1 month 1 week ago

Wayback 项目释出了 v0.1 版本。Wayland 是目前主流的显示服务器，它正在取代 X.org X11 server，后者目前处于维护模式，不再继续开发。虽然 Wayland 取得了长足进步，但仍然有很多基于 X11 的窗口管理器和桌面环境不支持 Wayland。Wayback 项目就是旨在解决这一问题，允许用户在 Wayland 上运行旧的 X11 桌面环境，它有望成为 X.org 的一个更简单更直接的替代，减轻 Linux 发行版的维护负担。v0.1 的版本号意味着它处于 alpha 状态，功能远不完整，有很多功能尚未实现或正在开发中，如多显示器支持。

Beware of Fake Error Pages Deploying Platform-Specific Malware on Linux and Windows Systems

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

1 month 1 week ago

Wiz Research has uncovered an active cryptomining campaign, dubbed Soco404, that exploits misconfigurations in PostgreSQL databases and other cloud services to deploy platform-specific malware on both Linux and Windows systems. This operation, part of a broader crypto-scam infrastructure, leverages opportunistic scanning for exposed services, abusing features like PostgreSQL’s COPY FROM PROGRAM for remote code execution […]

The post Beware of Fake Error Pages Deploying Platform-Specific Malware on Linux and Windows Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Вечный аккумулятор? Почти. Алмаз взял энергию в заложники без шансов на побег

Securitylab.ru

1 month 1 week ago

Наука создала первую батарейку из вечности.

AMD CEO 称台积电美国工厂制造的芯片贵 5%-20%

Solidot

1 month 1 week ago

AMD CEO 苏姿丰表示，台积电美国工厂制造的芯片会比台湾工厂贵 5%-20%，预计今年年底台积电亚利桑那州工厂会为 AMD 生产芯片。她表示额外的支出是值得的，有助于实现芯片供应的多元化。她称新冠疫情期间得到的教训促使他们关注供应链的弹性。苏姿丰认为 AI 芯片的供应将会持续保持高位。英伟达是最主要的 AI 芯片供应商，而 AMD 是英伟达最接近的竞争对手。

Aggregator

Managed ad