Aggregator

A vulnerability described as critical has been identified in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this vulnerability is the function log_handler of the file ml_logger/server.py. Such manipulation of the argument File leads to path traversal. This vulnerability is referenced as CVE-2025-10951. It is possible to launch the attack remotely. Furthermore, an exploit is available. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

A vulnerability marked as critical has been reported in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected is the function log_handler of the file ml_logger/server.py of the component Ping Handler. This manipulation of the argument data causes deserialization. The identification of this vulnerability is CVE-2025-10950. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Новый zero-day уже используется в атаках.

Submit #652688 / VDB-325824

Submit #652687 / VDB-325824

Credit unions are the financial lifeline for more than 139 million Americans. Built on a member-first philosophy, these not-for-profit institutions provide affordable banking, community trust, and financial empowerment. But in today’s digital-first era, credit unions face growing cybersecurity challenges. With rising ransomware attacks, phishing scams, and third-party vendor breaches, credit unions are prime targets for

The post Credit Unions Replaced Fragmented Tools With Seceon’s Platform appeared first on Seceon Inc.

The post Credit Unions Replaced Fragmented Tools With Seceon’s Platform appeared first on Security Boulevard.

Luxembourg, Luxembourg, 25th September 2025, CyberNewsWire

Submit #652686 / VDB-323204

Luxembourg, Luxembourg, 25th September 2025, CyberNewsWire

The post Gcore Radar Report Reveals 41% Surge in DDoS Attack Volumes appeared first on Security Boulevard.

Luxembourg, Luxembourg, September 25th, 2025, CyberNewsWireGcore, the global edge AI, cloud, n

Submit #652463 / VDB-325822

Submit #652462 / VDB-325821

Submit #652461 / VDB-325820

A vulnerability was found in Vasion Print Virtual Appliance Host and Print Application 22.0.843/22.0.1002. It has been classified as problematic. Affected is an unknown function of the component Environment Variable Handler. Performing manipulation results in cleartext transmission of sensitive information. This vulnerability is identified as CVE-2025-34199. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in itsourcecode Online Discussion Forum 1.0. It has been declared as critical. The impacted element is an unknown function of the file /index.php. Executing manipulation of the argument email/password can lead to sql injection. This vulnerability is handled as CVE-2025-10800. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability was found in SourceCodester Pet Grooming Management Software 1.0. It has been rated as critical. This affects an unknown function of the file /admin/edit_tax.php. The manipulation of the argument ID leads to sql injection. This vulnerability is uniquely identified as CVE-2025-10801. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability identified as critical has been detected in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/remove.php. This manipulation of the argument ID causes sql injection. The identification of this vulnerability is CVE-2025-10802. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability labeled as critical has been found in Tenda AC23 up to 16.03.07.52. Affected by this vulnerability is the function sscanf of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. This vulnerability is referenced as CVE-2025-10803. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability marked as critical has been reported in Campcodes Online Beauty Parlor Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/add-customer.php. Performing manipulation of the argument mobilenum results in sql injection. This vulnerability is identified as CVE-2025-10804. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability described as critical has been identified in Campcodes Online Beauty Parlor Management System 1.0. This affects an unknown part of the file /admin/add-services.php. Executing manipulation of the argument sername can lead to sql injection. This vulnerability is tracked as CVE-2025-10805. The attack can be launched remotely. Moreover, an exploit is present.