Aggregator

CrushFTP Warns of HTTP(S) Port Vulnerability Enabling Unauthorized Access

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
4 months 3 weeks ago

Both CrushFTP, a popular file transfer technology, and Next.js, a widely used React framework for building web applications, have come under scrutiny due to significant vulnerabilities. Rapid7 has highlighted these issues, emphasizing their potential impact on data security and unauthorized access. Overview of Vulnerabilities Next.js Vulnerability (CVE-2025-29927):  This critical vulnerability involves improper authorization in middleware, […]

The post CrushFTP Warns of HTTP(S) Port Vulnerability Enabling Unauthorized Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Windows 11 24H2 Update Disrupts Connection to Veeam Backup Server

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
4 months 3 weeks ago

Users of the Veeam Backup Server have encountered a significant issue following the Windows 11 24H2 update. Specifically, the update has disrupted the connection between Veeam Recovery Media and the Veeam Backup Server. This problem affects users who have created recovery media from Windows 11 version 24H2 (build 26100.3194) or higher. When attempting to restore […]

The post Windows 11 24H2 Update Disrupts Connection to Veeam Backup Server appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2024-8690

CVE Trends
4 months 3 weeks ago
Currently trending CVE - Hype Score: 26 - A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then to perform malicious ...

CVE-2025-27551 | DBIx::Class::EncodedColumn up to 0.00032 Digest.pm rand weak prng

VulDB Recent Entries
4 months 3 weeks ago
A vulnerability has been found in DBIx::Class::EncodedColumn up to 0.00032 and classified as problematic. This vulnerability affects the function rand in the library lib/DBIx/Class/EncodedColumn/Digest.pm. The manipulation leads to cryptographically weak prng. This vulnerability was named CVE-2025-27551. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2025-1542 | Infonet Projekt SA OXARI ServiceDesk prior 2.0.324.0 authorization

VulDB Recent Entries
4 months 3 weeks ago
A vulnerability, which was classified as critical, was found in Infonet Projekt SA OXARI ServiceDesk. This affects an unknown part. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2025-1542. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Cloudflare Attributes Service Outage to Faulty Password Rotation

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
4 months 3 weeks ago

Cloudflare experienced a significant service outage that affected several of its key offerings, including R2 object storage, Cache Reserve, Images, Log Delivery, Stream, and Vectorize. The incident, which lasted 1 hour and 7 minutes, was traced back to a faulty credential rotation process for the R2 Gateway service. Incident Overview The outage began at 21:38 […]

The post Cloudflare Attributes Service Outage to Faulty Password Rotation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Managed ad