Aggregator

A vulnerability marked as problematic has been reported in MH Software Connect Daily up to 3.2.9. This affects an unknown function of the file viewday.html of the component Web Calendar. The manipulation of the argument week leads to basic cross site scripting. This vulnerability is documented as CVE-2006-1508. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability, which was classified as problematic, was found in ConfTool 1.1. The impacted element is an unknown function of the file index.php. The manipulation of the argument page results in basic cross site scripting. This vulnerability was named CVE-2006-1482. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability, which was classified as critical, was found in Content*Builder 0.7.5. Affected is an unknown function of the component Libraries. The manipulation of the argument actualModuleDir results in file inclusion. This vulnerability is reported as CVE-2006-3173. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability categorized as problematic has been discovered in Swsoft Confixx 3.0.6/3.0.8/3.1.2. This issue affects some unknown processing. The manipulation of the argument Login results in basic cross site scripting. This vulnerability is identified as CVE-2006-2423. The attack can be executed remotely. Additionally, an exploit exists.

GitHub已经从最初的代码托管工具，成长为现代软件开发的核心平台。

A vulnerability categorized as critical has been discovered in OpenAgentPlatform Dive up to 0.9.3. This affects an unknown part of the file Dive/electron/main/deeplink.ts. Such manipulation leads to code injection. This vulnerability is listed as CVE-2025-58176. The attack may be performed from remote. In addition, an exploit is available. It is advisable to upgrade the affected component.

A vulnerability was found in Gunosy up to 7.33.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the component JSON Web Token Handler. This manipulation causes insertion of sensitive information into sent data. This vulnerability is tracked as CVE-2025-44017. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

Submit #642824 / VDB-322149

中秋礼盒来啦~

在2025年5月19日00:00至2025年9月19日23:59期间，提交1个平台审核通过的漏洞即可获得1个补天众测中秋礼盒。（注：每个id仅兑换1份）

Автоматизация жалоб по DMCA превращается в инструмент удаления легального контента.

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

/r/netsec 是一个由社区管理的技术信息安全聚合平台，旨在为安全从业者、学生、研究人员和黑客提供有价值的信息资源。

A critical vulnerability in HashiCorp Vault—tracked as CVE-2025-6203 and HCSEC-2025-24—has been disclosed that allows malicious actors to submit specially crafted payloads capable of exhausting server resources and rendering Vault instances unresponsive. The flaw affects both Vault Community and Enterprise editions, spanning versions 1.15.0 through 1.20.2 (with select earlier patch versions), and was publicly disclosed on […]

The post HashiCorp Vault Vulnerability Allows Attackers to Crash Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Von der Leyen’s plane faced suspected Russian GPS jamming in Bulgaria, but the EU chief landed safely, says European Commission. The EU confirmed that Ursula von der Leyen’s plane experienced GPS jamming while flying to Bulgaria. The European authorities suspect Russian interference, though the aircraft landed safely. Bulgarian officials provided the information, and the EU […]

对于席卷硅谷的 AI 人才争夺战，亚马逊基本上是袖手旁观。根据电商巨头 HR 团队去年底撰写的一份内部文件，总结了在 AI 人才招聘上的不利因素，包括地理位置、薪酬以及在 AI 领域明显落后等。相比下竞争对手则通常会提供更全面、更激进的薪酬待遇。亚马逊以节俭著称。它的一个起源故事是从家得宝（Home Depot）购买廉价门然后将其改装成办公桌。据说 Jeff Bezos 至今仍在使用这种改装过的办公桌。

一位女性因前夫猜出其手机密码并进入Google Drive查看其私密照片和视频而感到困扰，她希望利用备份手机删除相关内容，并询问如何破解Pixel 9的四位密码。

A vulnerability was found in NetMechanica NetDecision 4.5.1. It has been rated as problematic. The affected element is an unknown function. The manipulation leads to information disclosure. This vulnerability is listed as CVE-2012-1466. The attack may be initiated remotely. In addition, an exploit is available. Upgrading the affected component is advised.

A vulnerability identified as critical has been detected in Novell NetIQ 2.3.0/2.3.1. This vulnerability affects the function set_log_config in the library regclnt.dll of the file unifid.exe of the component Privileged User Manager. This manipulation with the input ../../ causes path traversal. The identification of this vulnerability is CVE-2012-5931. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. You should upgrade the affected component.

A vulnerability was found in Novell File Reporter 1.0.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file NFRAgent.exe. The manipulation results in path traversal. This vulnerability is cataloged as CVE-2012-4958. The attack may be launched remotely. Furthermore, there is an exploit available.