Aggregator

CVE-2025-6310 | PHPGurukul Emergency Ambulance Hiring Portal 1.0 /index.php Message sql injection (EUVD-2025-18719)

Vuldb Updates
1 month 3 weeks ago
A vulnerability, which was classified as critical, has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Message leads to sql injection. This vulnerability is handled as CVE-2025-6310. The attack may be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.
vuldb.com

CVE-2024-23905 | Red Hat Dependency Analytics Plugin up to 0.7.1 on Jenkins ui layer (EUVD-2024-0455)

Vuldb Updates
1 month 3 weeks ago
A vulnerability was found in Red Hat Dependency Analytics Plugin up to 0.7.1 on Jenkins and classified as problematic. This issue affects some unknown processing. The manipulation leads to improper restriction of rendered ui layers. The identification of this vulnerability is CVE-2024-23905. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-52094 | Trend Micro Apex One Security Agent Security Agent Updater link following (EUVD-2023-56768)

Vuldb Updates
1 month 3 weeks ago
A vulnerability, which was classified as critical, has been found in Trend Micro Apex One Security Agent. Affected by this issue is some unknown functionality of the component Security Agent Updater. The manipulation leads to link following. This vulnerability is handled as CVE-2023-52094. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-52331 | Trend Micro Apex Central modVulnerabilityProtect server-side request forgery (EUVD-2023-56988)

Vuldb Updates
1 month 3 weeks ago
A vulnerability, which was classified as critical, has been found in Trend Micro Apex Central. This issue affects the function modVulnerabilityProtect. The manipulation leads to server-side request forgery. The identification of this vulnerability is CVE-2023-52331. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-50275 | HPE OneView up to 7.0 clusterService improper authentication (EUVD-2023-55086)

Vuldb Updates
1 month 3 weeks ago
A vulnerability was found in HPE OneView up to 7.0. It has been declared as critical. This vulnerability affects the function clusterService. The manipulation leads to improper authentication. This vulnerability was named CVE-2023-50275. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-6371 | D-Link DIR-619L 2.06B01 formSetEnableWizard curTime stack-based overflow (EUVD-2025-18794)

Vuldb Updates
1 month 3 weeks ago
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. The manipulation of the argument curTime leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2025-6371. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2023-38318 | OpenNDS up to 10.1.2 Configuration File os command injection (EUVD-2023-42137 / Nessus ID 226449)

Vuldb Updates
1 month 3 weeks ago
A vulnerability has been found in OpenNDS up to 10.1.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Configuration File Handler. The manipulation leads to os command injection. This vulnerability is known as CVE-2023-38318. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-6373 | D-Link DIR-619L 2.06B01 /goform/formWlSiteSurvey formSetWizard1 curTime stack-based overflow (EUVD-2025-18795)

Vuldb Updates
1 month 3 weeks ago
A vulnerability has been found in D-Link DIR-619L 2.06B01 and classified as critical. This vulnerability affects the function formSetWizard1 of the file /goform/formWlSiteSurvey. The manipulation of the argument curTime leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2025-6373. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

Microsoft Announces New Security Defaults for Windows 365 Cloud PCs

Cyber Security News
1 month 3 weeks ago

Microsoft unveiled significant security enhancements for Windows 365 Cloud PCs on June 18, 2025, introducing new default configurations that prioritize data protection and system integrity.  The updates include disabling clipboard, drive, USB, and printer redirections by default, while enabling advanced security features like virtualization-based security (VBS), Credential Guard, and hypervisor-protected code integrity (HVCI) for Windows […]

The post Microsoft Announces New Security Defaults for Windows 365 Cloud PCs appeared first on Cyber Security News.

Kaaviya

某米路由器漏洞挖掘分享

吾爱破解论坛
1 month 3 weeks ago
去年年中开始接触IOT设备的漏洞挖掘, 之后有几个聊胜于无的产出, 但没啥变现机会, 大概是去年的国庆前后, 一位学长告诉我某米SRC最近有活动, 可以多看看这家路由器。

CVE-2021-47168 | Linux Kernel up to 5.12.8 NFS filelayout_decode_layout memory corruption (Nessus ID 239742)

Vuldb Updates
1 month 3 weeks ago
A vulnerability classified as critical has been found in Linux Kernel up to 5.12.8. This affects the function filelayout_decode_layout of the component NFS. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2021-47168. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2021-47184 | Linux Kernel up to 4.14.255/4.19.217/5.4.161/5.10.81/5.15.4 i40e null pointer dereference (Nessus ID 239742)

Vuldb Updates
1 month 3 weeks ago
A vulnerability classified as critical was found in Linux Kernel up to 4.14.255/4.19.217/5.4.161/5.10.81/5.15.4. Affected by this vulnerability is an unknown functionality of the component i40e. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2021-47184. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad