Aggregator

A vulnerability was found in Diebold Nixdorf Vynamic Security Suite up to 3.3.0 SR3. It has been declared as critical. This issue affects some unknown processing of the file /etc/initab of the component Pre-Boot Authorization. The manipulation results in improper authorization. This vulnerability is cataloged as CVE-2023-24064. An attack on the physical device is feasible. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Connectize AC21000 G6 641.139.1.1256. Impacted is an unknown function. The manipulation results in weak password recovery. This vulnerability is cataloged as CVE-2023-24052. The attack must originate from the local network. There is no exploit available.

A vulnerability described as critical has been identified in Haven. This affects an unknown part of the component Feed Handler. Such manipulation leads to server-side request forgery. This vulnerability is listed as CVE-2023-24060. The attack must be carried out from within the local network. In addition, an exploit is available.

今年早些时候的数据显示，自 2020 年 4 月以来，著名编程问答社 区Stack Overflow 上的问答量下降了九成以上，一大原因是 AI 聊天机器人的兴起。最大的在线百科全书透露它也遇到了类似的问题。管理维基百科的维基媒体基金会称，因为越来越多的人通过 AI 聊天机器人和无需点击的搜索引擎获取信息，维基百科的访问量显著下降。基金会产品高级总监 Marshall Miller 在 Diff 博客上称，过去几个月维基百科页面的人类浏览量比 2024 年同期下降了约 8%。他对维基百科的长期可维持性表达了担忧。他说，访问量的减少，可能会导致更少的志愿编辑去丰富内容，进而可能导致个人捐助者减少。

A vulnerability was found in SGI IRIX up to 6.5.6. It has been declared as problematic. This issue affects some unknown processing of the component Performance Copilot. Executing manipulation can lead to information disclosure. This vulnerability appears as CVE-2000-0283. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in CNC Technology BizDB 1.0. It has been rated as critical. Impacted is an unknown function of the file bizdb-search.cgi. The manipulation of the argument dbname leads to improper privilege management. This vulnerability is traded as CVE-2000-0287. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Upgrading the affected component is advised.

A vulnerability classified as critical was found in University of Washington imapd 4.7. Affected by this issue is some unknown functionality of the component LIST Command Handler. The manipulation results in memory corruption. This vulnerability is identified as CVE-2000-0284. The attack can be executed remotely. Additionally, an exploit exists. Upgrading the affected component is advised.

A vulnerability marked as critical has been reported in Linux Kernel 2.2.10/2.2.12/2.2.14. Affected by this vulnerability is an unknown functionality of the component IP Masquerading Handler. Performing manipulation as part of UDP Packet results in improper privilege management. This vulnerability is identified as CVE-2000-0289. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

The shared responsibility model of data security, familiar from cloud deployments, is key to agentic services, but cybersecurity teams and corporate users often struggle with awareness and managing that risk.

A vulnerability classified as critical was found in Flickr Gallery Plugin up to 1.5.2 on WordPress. Affected by this vulnerability is the function WP_Theme. The manipulation results in deserialization. This vulnerability is cataloged as CVE-2017-20207. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Silabs Simplicity SDK and Gecko SDK. Affected is an unknown function. The manipulation leads to buffer overflow. This vulnerability is listed as CVE-2025-8414. The attack must be carried out from within the local network. There is no available exploit.

A vulnerability described as problematic has been identified in Async JavaScript Plugin up to 2.19.07.14 on WordPress. This impacts the function aj_steps of the component Setting Handler. Executing manipulation can lead to cross site scripting. This vulnerability is tracked as CVE-2020-36854. The attack can be launched remotely. No exploit exists.

A vulnerability marked as problematic has been reported in 10WebMapBuilder Plugin up to 1.0.63 on WordPress. This affects an unknown function of the component Setting Handler. Performing manipulation results in cross site scripting. This vulnerability is identified as CVE-2020-36853. The attack can be initiated remotely. There is not any exploit available.

A vulnerability labeled as critical has been found in ShortPixel Image Optimizer Plugin up to 6.3.4 on WordPress. The impacted element is the function shortpixel_ajaxRequest of the component Setting Handler. Such manipulation leads to missing authorization. This vulnerability is referenced as CVE-2025-11378. It is possible to launch the attack remotely. No exploit is available.

A vulnerability identified as critical has been detected in RegistrationMagic Plugin 3.7.9.2/3.7.9.3 on WordPress. The affected element is the function is_expired_by_date. This manipulation causes deserialization. The identification of this vulnerability is CVE-2017-20208. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability categorized as problematic has been discovered in OpenBao up to 2.4.0. Impacted is an unknown function of the component JSON Handler. The manipulation of the argument max_request_size results in resource consumption. This vulnerability was named CVE-2025-59043. The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability was found in Appointments Plugin up to 2.2.1 on WordPress. It has been rated as critical. This issue affects the function WP_Theme of the component Cookie Handler. The manipulation of the argument wpmudev_appointments leads to deserialization. This vulnerability is uniquely identified as CVE-2017-20206. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in Radare2 up to 5.9.8. It has been declared as problematic. This vulnerability affects the function bochs_open. Executing manipulation can lead to memory leak. This vulnerability is handled as CVE-2025-60361. The attack can only be done within the local network. There is not any exploit available. Applying a patch is advised to resolve this issue.

A vulnerability was found in Jason C. Memberlite Shortcodes Plugin up to 1.4.1 on WordPress. It has been classified as problematic. This affects the function Memberlite. Performing manipulation results in cross site scripting. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is known as CVE-2025-48087. Remote exploitation of the attack is possible. No exploit is available.