Aggregator

CVE-2010-2018 | Bukulokomedia Lokomedia CMS 1.4.1 downlot.php File path traversal (EDB-12651 / XFDB-58670)

Vuldb Updates
4 months 3 weeks ago
A vulnerability was found in Bukulokomedia Lokomedia CMS 1.4.1. It has been declared as problematic. Affected by this issue is some unknown functionality of the file downlot.php. Such manipulation of the argument File leads to path traversal. This vulnerability is listed as CVE-2010-2018. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

CVE-2010-2721 | RightInPoint Lyrics Engine 3.0 index.php artist_id sql injection (EDB-14244 / XFDB-60118)

Vuldb Updates
4 months 3 weeks ago
A vulnerability identified as critical has been detected in RightInPoint Lyrics Engine 3.0. Affected by this vulnerability is an unknown functionality of the file index.php. Performing manipulation of the argument artist_id results in sql injection. This vulnerability is identified as CVE-2010-2721. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com

New EDR-Freeze Tool That Puts EDRs and Antivirus Into A Coma State

Cyber Security News
4 months 3 weeks ago

A new proof-of-concept tool named EDR-Freeze has been developed, capable of placing Endpoint Detection and Response (EDR) and antivirus solutions into a suspended “coma” state. According to Zero Salarium, the technique leverages a built-in Windows function, offering a stealthier alternative to the increasingly popular Bring Your Own Vulnerable Driver (BYOVD) attacks used by threat actors […]

The post New EDR-Freeze Tool That Puts EDRs and Antivirus Into A Coma State appeared first on Cyber Security News.

Guru Baran

Cyberattack Disrupts Services at Major European Airports

Ransomware DataBreachToday.com
4 months 3 weeks ago
Airports in Brussels, Berlin, and the UK and Ireland Impacted
Flight cancellations and delays lasting hours at several major European airports including London's Heathrow on Saturday occurred after a cyberattack against a provider of check-in and boarding systems. Hackers late Friday targeted software developed by Collins Aerospace.

CVE-2009-3539 | YourFreeWorld Ultra Classifieds Pro subclass.php sn cross site scripting (EDB-34744 / SA35857)

Vuldb Updates
4 months 3 weeks ago
A vulnerability was found in YourFreeWorld Ultra Classifieds Pro. It has been classified as problematic. This affects an unknown part of the file subclass.php. Performing manipulation of the argument sn results in cross site scripting. This vulnerability is cataloged as CVE-2009-3539. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2009-4523 | Zainu 1.0 index.php searchSongKeyword cross site scripting (EDB-33288 / XFDB-53790)

Vuldb Updates
4 months 3 weeks ago
A vulnerability was found in Zainu 1.0. It has been rated as problematic. The affected element is an unknown function of the file index.php. Performing manipulation of the argument searchSongKeyword results in cross site scripting. This vulnerability is reported as CVE-2009-4523. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com

CVE-2009-4601 | Zeeways ZeeJobsite 3.0 basic_search_result.php Title cross site scripting (EDB-33396 / BID-37290)

Vuldb Updates
4 months 3 weeks ago
A vulnerability classified as problematic was found in Zeeways ZeeJobsite 3.0. Affected by this issue is some unknown functionality of the file basic_search_result.php. The manipulation of the argument Title results in cross site scripting. This vulnerability is reported as CVE-2009-4601. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com

CVE-2009-2893 | Xzeroscripts Community Classifieds 4.97.8 index.php _xzcal_y cross site scripting (EDB-33110 / BID-35809)

Vuldb Updates
4 months 3 weeks ago
A vulnerability labeled as problematic has been found in Xzeroscripts Community Classifieds 4.97.8. This impacts an unknown function of the file index.php. The manipulation of the argument _xzcal_y results in cross site scripting. This vulnerability is reported as CVE-2009-2893. The attack can be launched remotely. Moreover, an exploit is present.
vuldb.com

CVE-2023-21597 | Adobe InCopy up to 17.4/18.0 out-of-bounds write (apsb23-08 / EUVD-2023-25764)

Vuldb Updates
4 months 3 weeks ago
A vulnerability classified as critical has been found in Adobe InCopy up to 17.4/18.0. Affected by this issue is some unknown functionality. This manipulation causes out-of-bounds write. The identification of this vulnerability is CVE-2023-21597. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-21595 | Adobe InCopy up to 17.4/18.0 out-of-bounds write (apsb23-08 / EUVD-2023-25762)

Vuldb Updates
4 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in Adobe InCopy up to 17.4/18.0. This vulnerability affects unknown code. Performing manipulation results in out-of-bounds write. This vulnerability is identified as CVE-2023-21595. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2023-21592 | Adobe InDesign up to 17.4/18.0 out-of-bounds (apsb23-07 / EUVD-2023-25759)

Vuldb Updates
4 months 3 weeks ago
A vulnerability was found in Adobe InDesign up to 17.4/18.0. It has been classified as problematic. Affected by this issue is some unknown functionality. Performing manipulation results in out-of-bounds read. This vulnerability is reported as CVE-2023-21592. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2023-21593 | Adobe InDesign up to 17.4/18.1 null pointer dereference (apsb23-12 / EUVD-2023-25760)

Vuldb Updates
4 months 3 weeks ago
A vulnerability categorized as problematic has been discovered in Adobe InDesign up to 17.4/18.1. This issue affects some unknown processing. Such manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2023-21593. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

Qilin

Dark Feed IO
4 months 3 weeks ago

You must login to view this content

cohenido

CVE-2025-7775

CVE Trends
4 months 3 weeks ago
Currently trending CVE - Hype Score: 1 - Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway when NetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler ...

CVE-2023-53363 | Linux Kernel up to 6.2.11 pci_bus_release_domain_nr use after free (Nessus ID 265661)

Vuldb Updates
4 months 3 weeks ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.2.11. This vulnerability affects the function pci_bus_release_domain_nr. The manipulation results in use after free. This vulnerability is known as CVE-2023-53363. Access to the local network is required for this attack. No exploit is available. You should upgrade the affected component.
vuldb.com

Managed ad