Aggregator

一、我们懂,成长型企业安全建设的“难言之隐” 对于所有企业来说,安全工作有着相同的关键目标:威胁风险能提前预防 […]

Физики преодолели оптический предел, создав пиксели меньше длины волны света.

Инфраструктура Тайваня под прицелом китайского кибершпионажа.

A vulnerability has been found in FastCMS up to 0.1.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/client/article/list. The manipulation of the argument orderBy leads to sql injection. This vulnerability is known as CVE-2025-2593. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in Qt up to 5.15.18/6.5.8/6.7.x. Affected is the function encodeText of the component QDom. The manipulation leads to inefficient algorithmic complexity. This vulnerability is traded as CVE-2025-30348. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Submit #517927 / VDB-300577

Submit #517926 / VDB-300577

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function CSMImporter::InternReadFile of the file code/AssetLib/CSM/CSMLoader.cpp. The manipulation leads to heap-based buffer overflow. The identification of this vulnerability is CVE-2025-2592. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. This vulnerability was named CVE-2025-2591. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.