Aggregator

Подробное руководство по генерации и использованию SSH-ключей с помощью ssh-keygen. Объяснение принципов работы, инструкции для Linux, macOS и Windows.

Submit #650445 / VDB-325121

Submit #647952 / VDB-325120

Submit #647629 / VDB-325119

Submit #647001 / VDB-325000

A vulnerability was found in PHPGurukul User Management System 1.0. It has been classified as critical. This affects an unknown function of the file /login.php. Performing manipulation of the argument emailid results in sql injection. This vulnerability is identified as CVE-2025-10624. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability was found in itsourcecode Student Information Management System 1.0. It has been rated as critical. The impacted element is an unknown function of the file /admin/modules/class/index.php. This manipulation of the argument classId causes sql injection. This vulnerability appears as CVE-2025-10673. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability labeled as critical has been found in SourceCodester Responsive E-Learning System 1.0. This affects an unknown part of the file /admin/add_teacher.php. The manipulation of the argument Username results in sql injection. This vulnerability is known as CVE-2025-10687. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability marked as problematic has been reported in Mozilla Firefox up to 142. Impacted is an unknown function. The manipulation leads to protection mechanism failure. This vulnerability is documented as CVE-2025-10528. The attack requires being on the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability classified as critical has been found in Tenda AC9 and AC15 15.03.05.14. This affects the function formexeCommand of the file /goform/exeCommand. This manipulation of the argument cmdinput causes os command injection. This vulnerability is registered as CVE-2025-10442. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

山石网科荣获“2025年度协同软硬件漏洞管理优秀企业”、“2025年度基础软硬件漏洞管理优秀企业”等荣誉

在当今数字化快速发展的时代，信息安全正成为企业生存与发展的核心保障，而代码审计则是信息安全防线中的关键环节。

Электронные стойки и багажные киоски недоступны, аэропорты минимизируют последствия вручную.

У Neuralink нет коммерчески одобренных устройств, но амбиции стремительны.

A vulnerability identified as critical has been detected in academico-sis academico up to d9a9e2636fbf7e5845ee086bcb03ca62faceb6ab. Affected by this issue is some unknown functionality of the file /edit-photo of the component Profile Picture Handler. This manipulation causes unrestricted upload. This vulnerability is tracked as CVE-2025-10763. The attack is possible to be carried out remotely. Moreover, an exploit is present. This product adopts a rolling release strategy to maintain continuous delivery The vendor was contacted early about this disclosure but did not respond in any way.

Submit #646915 / VDB-325118

A vulnerability classified as problematic has been found in halo-dev halo up to 2.20.12. This impacts an unknown function. Performing manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2024-56156. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in keystonejs keystone up to 6.4.x and classified as problematic. Impacted is an unknown function of the component GraphQL Schema Handler. The manipulation leads to information exposure through discrepancy. This vulnerability is traded as CVE-2025-46720. It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.