Aggregator

Submit #739508 / VDB-343475

A former Google engineer accused of stealing thousands of the company's confidential documents to build a startup in China has been convicted in the U.S., the Department of Justice (DoJ) announced Thursday. Linwei Ding (aka Leon Ding), 38, was convicted by a federal jury on seven counts of economic espionage and seven counts of theft of trade secrets for taking over 2,000 documents containing

1.      Qilin勒索团伙公布了新的受害者 2.      Akira勒索团伙公布新的受害公司 3.      Sinobi勒索团伙公布新的受害公司

A vulnerability, which was classified as critical, has been found in Free5GC. This affects an unknown function of the component PFCP Message Handler. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2023-47346. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available. It is advisable to upgrade the affected component.

A vulnerability marked as problematic has been reported in libexpat up to 2.7.3. This impacts the function doContent. Performing a manipulation results in integer overflow. This vulnerability was named CVE-2026-25210. The attack needs to be approached locally. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in tale 2.0.5. This affects an unknown function. Such manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-69749. The attack can be launched remotely. No exploit exists.

A vulnerability identified as problematic has been detected in Netgear PR2000. The impacted element is an unknown function of the component TelnetEnable. This manipulation causes inclusion of undocumented features or chicken bits. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2026-24714. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as problematic has been discovered in Tanium Server. The affected element is an unknown function. The manipulation results in incorrect authorization. This vulnerability is known as CVE-2025-15322. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability was found in FluentCMS up to 0.0.5. It has been rated as problematic. Impacted is an unknown function of the component File Management Module. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-15549. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Tanium Interact up to 3.5.89. It has been declared as problematic. This issue affects some unknown processing. Executing a manipulation can lead to incorrect authorization. This vulnerability appears as CVE-2025-15288. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in Ivanti Endpoint Manager Mobile. It has been classified as critical. This vulnerability affects unknown code. Performing a manipulation results in code injection. This vulnerability is reported as CVE-2026-1340. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability was found in Ivanti Endpoint Manager Mobile and classified as critical. This affects an unknown part. Such manipulation leads to code injection. This vulnerability is documented as CVE-2026-1281. The attack can be executed remotely. Additionally, an exploit exists. It is suggested to upgrade the affected component.

A vulnerability has been found in Edgemo 1.2.7.23180 on Windows and classified as critical. Affected by this issue is some unknown functionality of the file LocalAdminService.exe of the component WCF Endpoint. This manipulation causes execution with unnecessary privileges. This vulnerability is registered as CVE-2026-1680. The attack needs to be launched locally. No exploit is available.

A vulnerability, which was classified as problematic, was found in budibase up to 3.26.3. Affected by this vulnerability is an unknown functionality. The manipulation results in incorrect authorization. This vulnerability is cataloged as CVE-2026-25040. The attack may be launched remotely. There is no exploit available.

根据发表在《科学》期刊上的一项研究，人类寿命的遗传性远高于以往的认知。分析显示，在排除了诸如意外事故或传染病等外部因素所导致的死亡之后，遗传因素或许可解释影响人类寿命长短中的约 50%的。理解人类寿命的遗传性是衰老问题研究的核心，然而要衡量基因对长寿的影响仍颇为棘手。尽管已发现一些与寿命相关的基因，但外部环境因素——如疾病或生活条件——对个体寿命的长短影响重大，因而常会掩盖或模糊潜在的遗传影响。为厘清死亡的内、外成因，研究人员运用了数学模型、人类死亡率模拟以及多个大规模双胞胎队列数据集。研究结果显示，外源性死亡会系统性地压低对寿命遗传影响的估测。一旦将外因导致的死亡数据进行妥善剥离，作者发现，遗传对人类寿命的影响率会大幅跃升至 55% 左右——这一数值是先前估计的两倍以上，表明遗传是决定人类衰老进程的核心驱动因素。

A vulnerability categorized as problematic has been discovered in birkir prime up to 0.4.0.beta.0. This vulnerability affects unknown code. Such manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2026-1169. The attack can be launched remotely. Moreover, an exploit is present. The project was informed of the problem early through an issue report but has not responded yet. This entry seems to have a duplicate CVE-2025-15550 assigned.

Функция «Ограничение точного местоположения» стала доступна на новых моделях iPhone и iPad.

A vulnerability, which was classified as critical, has been found in inspektor-gadget Inspektor Gadget up to 0.48.0. Affected is an unknown function of the file inspektor-gadget/cmd/common/image/build.go. The manipulation leads to command injection. This vulnerability is listed as CVE-2026-24905. The attack must be carried out locally. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in TrustTunnel up to 0.9.113. This impacts the function TcpStream::connect. Executing a manipulation can lead to server-side request forgery. This vulnerability is tracked as CVE-2026-24902. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in Shirt Pocket SuperDuper up to 3.11. This affects an unknown function of the component Default Task Template Handler. Performing a manipulation results in Local Privilege Escalation. This vulnerability is identified as CVE-2025-69604. The attack is only possible with local access. There is not any exploit available.