Qilin
You must login to view this content
Aggregator
Executive Dark Web Exposure: Protecting your Leadership
5 days 9 hours ago
Nisos
Executive Dark Web Exposure: Protecting your Leadership
Not long ago, a Social Security number (SSN) felt like a vault key. Private, protected, rarely seen. Today, it’s more like currency...
The post Executive Dark Web Exposure: Protecting your Leadership appeared first on Nisos by Nisos
The post Executive Dark Web Exposure: Protecting your Leadership appeared first on Security Boulevard.
Nisos
Don’t let “back to school” become “back to (cyber)bullying”
5 days 9 hours ago
Cyberbullying is a fact of life in our digital-centric society, but there are ways to push back
欢迎注册参会|第22届中国信息和通信安全学术会议即将召开
5 days 9 hours ago
CISA Issues New ICS Advisories on Critical Vulnerabilities and Exploits
5 days 9 hours ago
The Cybersecurity and Infrastructure Security Agency (CISA) released three Industrial Control Systems (ICS) advisories on August 26, 2025, detailing nine critical vulnerabilities in INVT VT-Designer and HMITool (CVSS v4 8.5). Multiple flaws in Schneider Electric Modicon M340 controllers (CVSS v4 scores up to 9.1), and several issues in Danfoss AK-SM 8xxA Series drives (CVSS v3.1 […]
The post CISA Issues New ICS Advisories on Critical Vulnerabilities and Exploits appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Divya
Google 在翻译应用中加入 AI 驱动的语言学习功能
5 days 9 hours ago
Google 正在其翻译应用(Translate app)中加入 AI 驱动的语言学习功能,进入了著名学习平台多邻国的领域。新的 Beta 学习功能使用 Gemini AI 模型生成定制课程。英语用户可以学习西班牙语和法语,西班牙语、法语和葡萄牙语用户可以学习英语。用户可以选择自己的语言水平和学习目标,创建定制学习场景,从专业对话到家庭互动。
CVE-2017-2299 | puppetlabs-apache up to 1.11.0/2.0.x ssl_certs_dir 7pk security (Nessus ID 255084 / BID-100859)
5 days 9 hours ago
A vulnerability, which was classified as critical, was found in puppetlabs-apache up to 1.11.0/2.0.x. Impacted is an unknown function. Executing manipulation of the argument ssl_certs_dir can lead to 7pk security features.
This vulnerability appears as CVE-2017-2299. The attack may be performed from a remote location. There is no available exploit.
You should upgrade the affected component.
vuldb.com
CVE-2018-12322 | radare2 2.6.0 libr/anal/p/anal_6502.c 6502_op Java Binary File out-of-bounds (Nessus ID 255085)
5 days 9 hours ago
A vulnerability was found in radare2 2.6.0. It has been classified as critical. This affects the function 6502_op of the file libr/anal/p/anal_6502.c. Performing manipulation as part of Java Binary File results in out-of-bounds read.
This vulnerability was named CVE-2018-12322. The attack needs to be approached locally. There is no available exploit.
vuldb.com
CVE-2017-5984 | libav 9.21 libavcodec ff_h264_execute_ref_pic_marking out-of-bounds (Nessus ID 255083)
5 days 9 hours ago
A vulnerability categorized as critical has been discovered in libav 9.21. The impacted element is the function ff_h264_execute_ref_pic_marking of the component libavcodec. The manipulation results in out-of-bounds read.
This vulnerability was named CVE-2017-5984. The attack may be performed from a remote location. There is no available exploit.
vuldb.com
CVE-2016-8678 | ImageMagick 7.0.3.0 File pixel-accessor.h IsPixelMonochrome out-of-bounds (Nessus ID 255087 / BID-93599)
5 days 9 hours ago
A vulnerability was found in ImageMagick 7.0.3.0. It has been classified as problematic. Affected is the function IsPixelMonochrome of the file MagickCore/pixel-accessor.h of the component File Handler. This manipulation causes out-of-bounds read.
This vulnerability is tracked as CVE-2016-8678. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com
CVE-2018-20199 | Freeware Advanced Audio Decoder 2.8.8 libfaad/filtbank.c ifilter_bank null pointer dereference (Issue 24 / Nessus ID 255088)
5 days 9 hours ago
A vulnerability labeled as problematic has been found in Freeware Advanced Audio Decoder 2.8.8. Affected by this issue is the function ifilter_bank of the file libfaad/filtbank.c. Such manipulation leads to null pointer dereference.
This vulnerability is documented as CVE-2018-20199. The attack needs to be performed locally. There is not any exploit available.
vuldb.com
CVE-2024-54534 | Apple tvOS Web memory corruption (Nessus ID 213685 / WID-SEC-2025-0815)
5 days 9 hours ago
A vulnerability classified as critical has been found in Apple tvOS. This affects an unknown function of the component Web Handler. Performing manipulation results in memory corruption.
This vulnerability is identified as CVE-2024-54534. The attack can be initiated remotely. There is not any exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-54534 | Apple visionOS Web memory corruption (Nessus ID 213685 / WID-SEC-2025-0815)
5 days 9 hours ago
A vulnerability classified as critical was found in Apple visionOS. This impacts an unknown function of the component Web Handler. Executing manipulation can lead to memory corruption.
This vulnerability is tracked as CVE-2024-54534. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is advised.
vuldb.com
CVE-2024-47606 | GStreamer up to 1.24.9 qtdemux.c qtdemux_parse_theora_extension integer overflow (GHSL-2024-166 / Nessus ID 213029)
5 days 9 hours ago
A vulnerability described as critical has been identified in GStreamer up to 1.24.9. Affected by this vulnerability is the function qtdemux_parse_theora_extension of the file qtdemux.c. Such manipulation leads to integer overflow.
This vulnerability is documented as CVE-2024-47606. The attack can be executed remotely. There is not any exploit available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2024-8069 | Citrix Session Recording/Virtual Apps and Desktops deserialization (CTX691941 / WID-SEC-2024-3443)
5 days 9 hours ago
A vulnerability, which was classified as problematic, was found in Citrix Session Recording and Virtual Apps and Desktops. Affected by this vulnerability is an unknown functionality. Such manipulation leads to deserialization.
This vulnerability is traded as CVE-2024-8069. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2025-3478 | OpenText Enterprise Security Manager up to 7.8.1 cross site scripting (EUVD-2025-25704 / WID-SEC-2025-1904)
5 days 9 hours ago
A vulnerability identified as problematic has been detected in OpenText Enterprise Security Manager up to 7.8.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is referenced as CVE-2025-3478. Remote exploitation of the attack is possible. No exploit is available.
You should upgrade the affected component.
vuldb.com
CVE-2024-8068 | Citrix Session Recording/Virtual Apps and Desktops privileges management (CTX691941 / EUVD-2024-49530)
5 days 9 hours ago
A vulnerability was found in Citrix Session Recording and Virtual Apps and Desktops and classified as critical. This vulnerability affects unknown code. The manipulation results in improper privilege management.
This vulnerability is reported as CVE-2024-8068. The attacker must have access to the local network to execute the attack. Moreover, an exploit is present.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2025-38079 | Linux Kernel up to 6.14.8 crypto algif_hash use after free (EUVD-2025-18574 / Nessus ID 241773)
5 days 9 hours ago
A vulnerability marked as critical has been reported in Linux Kernel up to 6.14.8. This affects the function algif_hash of the component crypto. Performing manipulation results in use after free.
This vulnerability is reported as CVE-2025-38079. The attacker must have access to the local network to execute the attack. No exploit exists.
It is suggested to upgrade the affected component.
vuldb.com
Beyond Google Play: The End of Anonymous Sideloading Is Coming to Android
5 days 9 hours ago
Openness has long been the defining distinction between Android and the iPhone, yet in recent years Google has steadily shifted the balance toward security. Now the company is preparing its most radical step yet...
The post Beyond Google Play: The End of Anonymous Sideloading Is Coming to Android appeared first on Penetration Testing Tools.
ddos
ESET warns of PromptLock, the first AI-driven ransomware
5 days 9 hours ago
ESET found PromptLock, the first AI-driven ransomware, using OpenAI’s gpt-oss:20b via Ollama to generate and run malicious Lua scripts. In a series of messages published on X, ESET Research announced the discovery of the first known AI-powered ransomware, named PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to […]
Pierluigi Paganini