Aggregator

CVE-2024-35203 | System Mahara up to 22.10.5/23.04.5/24.04.0 cross site scripting

VulDB Recent Entries
4 months ago
A vulnerability described as problematic has been identified in System Mahara up to 22.10.5/23.04.5/24.04.0. Affected by this vulnerability is an unknown functionality. Executing manipulation can lead to cross site scripting. This vulnerability appears as CVE-2024-35203. The attack may be performed from a remote location. There is no available exploit. Upgrading the affected component is recommended.
vuldb.com

Farmers Insurance discloses a data breach impacting 1.1M customers

Security Affairs
4 months ago
Farmers Insurance suffered a breach tied to Salesforce attacks, exposing data of 1.1M customers across its nationwide insurance network. Farmers Insurance disclosed a data breach affecting 1,071,172 customers, linked to the recent wave of Salesforce attacks, as per Bleeping Computer. The company is an American insurer group of vehicles, homes and small businesses and also […]
Pierluigi Paganini

Staying Ahead with Advanced NHI Detection?

Security Boulevard
4 months ago

Why is Advanced NHI Detection the Game Changer in Cybersecurity? Have you ever considered how Non-Human Identities (NHIs) impact your organization’s cybersecurity strategy? Protecting your business extends far beyond securing your employees’ credentials. Machine identities, or NHIs, are making their way to the forefront of cybersecurity. This calls for a proactive approach with advanced NHI […]

The post Staying Ahead with Advanced NHI Detection? appeared first on Entro.

The post Staying Ahead with Advanced NHI Detection? appeared first on Security Boulevard.

Alison Mack

Is Your Secrets Vault Truly Impenetrable?

Security Boulevard
4 months ago

Unlocking the Real Value of Secrets Vault Security How much credence does your organization assign to secrets vault security? If you are operating in the cloud, the bulletproof protection of Non-Human Identities (NHIs) and their associated secrets is paramount. Now, more than ever, the need for effective security measures around NHIs is being emphasized due […]

The post Is Your Secrets Vault Truly Impenetrable? appeared first on Entro.

The post Is Your Secrets Vault Truly Impenetrable? appeared first on Security Boulevard.

Alison Mack

CVE-2025-9514 | macrozheng mall up to 1.0.3 Registration weak password (Issue 923)

VulDB Recent Entries
4 months ago
A vulnerability labeled as problematic has been found in macrozheng mall up to 1.0.3. This impacts an unknown function of the component Registration. Such manipulation leads to weak password requirements. This vulnerability is documented as CVE-2025-9514. The attack can be executed remotely. There is not any exploit available. The vendor deleted the GitHub issue for this vulnerability without and explanation.
vuldb.com

CVE-2025-9513 | editso fuso up to 1.0.4-beta.7 mod.rs PenetrateRsaAndAesHandshake priv_key inadequate encryption

VulDB Recent Entries
4 months ago
A vulnerability identified as problematic has been detected in editso fuso up to 1.0.4-beta.7. This affects the function PenetrateRsaAndAesHandshake of the file src/net/penetrate/handshake/mod.rs. This manipulation of the argument priv_key causes inadequate encryption strength. This vulnerability is registered as CVE-2025-9513. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com

Threat Actors Leverage AI Agents to Conduct Social Engineering Attacks

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
4 months ago

Cybersecurity landscapes are undergoing a paradigm shift as threat actors increasingly deploy agentic AI systems to orchestrate sophisticated social engineering attacks. Unlike reactive generative AI models that merely produce content such as deepfakes or phishing emails, agentic AI exhibits autonomous decision-making, adaptive learning, and multi-step planning capabilities. These systems operate independently, pursuing predefined objectives without […]

The post Threat Actors Leverage AI Agents to Conduct Social Engineering Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2025-9508 | itsourcecode Apartment Management System 1.0 /report/rented_info.php rsid sql injection

VulDB Recent Entries
4 months ago
A vulnerability categorized as critical has been discovered in itsourcecode Apartment Management System 1.0. The impacted element is an unknown function of the file /report/rented_info.php. The manipulation of the argument rsid results in sql injection. This vulnerability is cataloged as CVE-2025-9508. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-9510 | itsourcecode Apartment Management System 1.0 /branch/addbranch.php ID sql injection

VulDB Recent Entries
4 months ago
A vulnerability was found in itsourcecode Apartment Management System 1.0. It has been rated as critical. The affected element is an unknown function of the file /branch/addbranch.php. The manipulation of the argument ID leads to sql injection. This vulnerability is listed as CVE-2025-9510. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com

CVE-2025-9507 | itsourcecode Apartment Management System 1.0 /report/visitor_info.php vid sql injection

VulDB Recent Entries
4 months ago
A vulnerability was found in itsourcecode Apartment Management System 1.0. It has been declared as critical. Impacted is an unknown function of the file /report/visitor_info.php. Executing manipulation of the argument vid can lead to sql injection. This vulnerability is tracked as CVE-2025-9507. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com

Managed ad