Aggregator

A vulnerability, which was classified as problematic, was found in ConcreteCMS up to 9.3.9. Affected is the function Save of the component FAQ Block Handler. The manipulation of the argument Navigation/Title Text/Description Source leads to cross site scripting. This vulnerability is traded as CVE-2025-2964. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as problematic, has been found in ConcreteCMS up to 9.3.9. This issue affects the function addEditQuestion of the component Legacy Form Block Handler. The manipulation of the argument Question leads to cross site scripting. The identification of this vulnerability is CVE-2025-2963. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability has been found in Microsoft Windows ME and classified as problematic. This vulnerability affects unknown code of the component Help/Support Center. The manipulation of the argument topic leads to basic cross site scripting. This vulnerability was named CVE-2003-0009. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Submit #522423 / VDB-302024

Submit #522421 / VDB-302023

Submit #522420 / VDB-302022

Submit #522419 / VDB-302021

Submit #522418 / VDB-302020

Submit #522417 / VDB-302019

Submit #522416 / VDB-302018

Submit #522415 / VDB-302017

Submit #522414 / VDB-302016

Submit #522413 / VDB-302015

0# 概述师傅们好久不见！最近不是特别忙，就研究研究最新的漏洞。刚好最近一大批漏洞都爆出来了，比如 CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, C...

A vulnerability classified as critical has been found in Azerbaijan AzDGDating 2.1.3. This affects an unknown part of the file security.inc.php. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2005-2951. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in Powie pfile 1.02. This affects an unknown part. The manipulation of the argument filecat leads to cross site scripting. This vulnerability is uniquely identified as CVE-2012-1211. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in phpMyRecipes 1.2.2. This affects an unknown part of the file browse.php. The manipulation of the argument Category leads to sql injection. This vulnerability is uniquely identified as CVE-2014-9440. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Apple Mac OS X 10.4. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2007-2386. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in PHP up to 8.1.31/8.2.27/8.3.18/8.4.4. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument Content-Type leads to open redirect. This vulnerability is handled as CVE-2025-1219. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

In 2023, a massive data breach at 23andMe shook the foundation of the consumer genomics industry. Fast forward to today, the company has filed for bankruptcy. From Veriti’s perspective, this incident highlights the devastating consequences of failing to secure deeply sensitive personal data, especially when that data reaches beyond individuals and into family legacies.  Veriti […]

The post Genetic Breach Fallout: 23andMe’s Collapse Raises Security Alarms  appeared first on VERITI.

The post Genetic Breach Fallout: 23andMe’s Collapse Raises Security Alarms  appeared first on Security Boulevard.