Nearly 94 Billion Stolen Cookies Found on Dark Web
Cybersecurity experts warn of widespread data exposure as a recent investigation reveals a staggering number of internet cookies…
Aggregator
CVE-2023-42576 | Samsung Samsung Pass 4.0.06.1 improper authentication (EUVD-2023-47009)
1 month 4 weeks ago
A vulnerability classified as problematic was found in Samsung Samsung Pass 4.0.06.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper authentication.
This vulnerability is known as CVE-2023-42576. It is possible to launch the attack on the physical device. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Cellebrite to acquire mobile testing firm Corellium in $200 million deal
1 month 4 weeks ago
Both companies have faced controversy in recent years, primarily for their work in circumventing mobile device security features
The post Cellebrite to acquire mobile testing firm Corellium in $200 million deal appeared first on CyberScoop.
Greg Otto
Adobe 发布 Android 版 Photoshop,目前免费测试
1 month 4 weeks ago
Adobe 发布了 Android 版 Photoshop,目前还是 Beta,但用户可以免费试用。这是 Adobe 第三次尝试将其著名图像编辑软件移植到手机上,这一次移植在功能上要更完整,比之前的 Photoshop Express 或 Photoshop Touch 强大得多。除了传统的图像编辑功能外,它还提供了一系列生成式 AI 功能,用户可通过文本提示选择对象或背景、移除对象以及插入新内容。Photoshop(Beta)的硬件要求是至少 6GB 内存,最好 8GB 内存,600MB 存储空间,以及运行的 Android 版本是至少是 Android 11。
All about that baseline: Detecting anomalies with Surveyor
1 month 4 weeks ago
The Surveyor open source tool can help organizations establish a baseline of their environment, verify activity, and investigate anomalies.
Tre Wilkins
CVE-2023-45050 | Automattic Jetpack Plugin up to 12.8-a.1 on WordPress Block Attribute cross site scripting (EUVD-2023-49371)
1 month 4 weeks ago
A vulnerability was found in Automattic Jetpack Plugin up to 12.8-a.1 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Block Attribute Handler. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2023-45050. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2023-41128 | Iqonic Design WP Roadmap Plugin up to 1.0.8 on WordPress cross site scripting (EUVD-2023-45647)
1 month 4 weeks ago
A vulnerability, which was classified as problematic, was found in Iqonic Design WP Roadmap Plugin up to 1.0.8 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2023-41128. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-27445 | rsjoomla RSFirewall Component up to 3.1.5 on Joomla path traversal (EUVD-2025-16991)
1 month 4 weeks ago
A vulnerability has been found in rsjoomla RSFirewall Component up to 3.1.5 on Joomla and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal: '.../...//'.
This vulnerability is known as CVE-2025-27445. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-27753 | rsjoomla RSMediaGallery Component up to 2.1.6 on Joomla sql injection (EUVD-2025-16990)
1 month 4 weeks ago
A vulnerability was found in rsjoomla RSMediaGallery Component up to 2.1.6 on Joomla and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to sql injection.
This vulnerability is handled as CVE-2025-27753. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2023-49076 | Pimcore customer-data-framework up to 4.0.4 cross-site request forgery (EUVD-2023-53095)
1 month 4 weeks ago
A vulnerability classified as problematic was found in Pimcore customer-data-framework up to 4.0.4. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery.
This vulnerability was named CVE-2023-49076. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-48329 | CodeBard Fast Custom Social Share by Plugin up to 1.1.1 on WordPress cross site scripting (EUVD-2023-52385)
1 month 4 weeks ago
A vulnerability, which was classified as problematic, was found in CodeBard Fast Custom Social Share by Plugin up to 1.1.1 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2023-48329. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
El Dorado
1 month 4 weeks ago
You must login to view this content
cohenido
INC
1 month 4 weeks ago
You must login to view this content
cohenido
Akira
1 month 4 weeks ago
You must login to view this content
cohenido
CVE-2024-30066 | Microsoft Windows up to Server 2022 23H2 Winlogon heap-based overflow (EUVD-2024-28003)
1 month 4 weeks ago
A vulnerability was found in Microsoft Windows and classified as problematic. This issue affects some unknown processing of the component Winlogon. The manipulation leads to heap-based buffer overflow.
The identification of this vulnerability is CVE-2024-30066. The attack needs to be approached locally. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-30067 | Microsoft Windows up to Server 2022 23H2 Winlogon integer overflow (EUVD-2024-28004)
1 month 4 weeks ago
A vulnerability was found in Microsoft Windows. It has been classified as problematic. Affected is an unknown function of the component Winlogon. The manipulation leads to integer overflow.
This vulnerability is traded as CVE-2024-30067. An attack has to be approached locally. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-30062 | Microsoft Windows Standards-Based Storage Management Service use after free (EUVD-2024-27999)
1 month 4 weeks ago
A vulnerability classified as critical was found in Microsoft Windows Server 2012 R2/Server 2016/Server 2019/Server 2022. Affected by this vulnerability is an unknown functionality of the component Standards-Based Storage Management Service. The manipulation leads to use after free.
This vulnerability is known as CVE-2024-30062. The attack can be launched remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
#Infosec2025: Threat Actors Weaponizing Hardware Devices to Exploit Fortified Environments
1 month 4 weeks ago
Sophisticated nation-state and cybercriminal groups are using insiders to infect targets via hardware devices, despite a lack of reporting of this threat
Finding Balance in US AI Regulation
1 month 4 weeks ago
The US can't afford to wait for political consensus to catch up to technological change.
John Hurley
Open source policy management: How Sonatype supports security at scale
1 month 4 weeks ago
As organizations rely more heavily on open source components, software composition analysis (SCA) has become essential for identifying risks. But visibility alone is not enough. What turns insight into action is effective policy management: the ability to define and enforce rules that govern how software is built.
The post Open source policy management: How Sonatype supports security at scale appeared first on Security Boulevard.
Aaron Linskens