Aggregator

CVE-2025-15035 | TP-Link Archer AXE75 up to 1.6 Build 20250107 VPN Module denial of service (PANW-2025-0004)

Vuldb Updates
2 weeks 5 days ago
A vulnerability categorized as problematic has been discovered in TP-Link Archer AXE75 up to 1.6 Build 20250107. This affects an unknown function of the component VPN Module. Executing a manipulation can lead to denial of service. This vulnerability appears as CVE-2025-15035. The attacker needs to be present on the local network. There is no available exploit.
vuldb.com

CVE-2026-1469 | RLE NOVA PlanManager /index.php comment/brand cross site scripting

Vuldb Updates
2 weeks 5 days ago
A vulnerability identified as problematic has been detected in RLE NOVA PlanManager. This affects an unknown function of the file /index.php. The manipulation of the argument comment/brand leads to cross site scripting. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is listed as CVE-2026-1469. The attack may be initiated remotely. There is no available exploit.
vuldb.com

CVE-2025-58402 | CGM CLININET up to 2025.MS3 Message MessageID authorization

Vuldb Updates
2 weeks 5 days ago
A vulnerability was found in CGM CLININET up to 2025.MS3 and classified as problematic. Affected by this issue is some unknown functionality of the component Message Handler. Such manipulation of the argument MessageID leads to authorization bypass. This vulnerability is listed as CVE-2025-58402. The attack may be performed from remote. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-58405 | CGM CLININET up to 2025.MS2 IFRAME ui layer

Vuldb Updates
2 weeks 5 days ago
A vulnerability was found in CGM CLININET up to 2025.MS2. It has been rated as problematic. This issue affects some unknown processing of the component IFRAME Handler. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is documented as CVE-2025-58405. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-25067 | SmarterTools SmarterMail up to 100.0.9511 Service name resolution (EUVD-2026-4974 / CNNVD-202601-4963)

Vuldb Updates
2 weeks 5 days ago
A vulnerability described as problematic has been identified in SmarterTools SmarterMail up to 100.0.9511. This affects an unknown part of the component Service. Such manipulation leads to incorrectly-resolved name. This vulnerability is traded as CVE-2026-25067. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-11683 | TODDR YAML::Syck up to 1.35 on Perl YAML File Parser token.c memory corruption (Nessus ID 271777 / WID-SEC-2025-2329)

Vuldb Updates
2 weeks 5 days ago
A vulnerability was found in TODDR YAML::Syck up to 1.35 on Perl. It has been declared as critical. Impacted is the function YAML::Syck of the file token.c of the component YAML File Parser. The manipulation results in memory corruption. This vulnerability is known as CVE-2025-11683. It is possible to launch the attack remotely. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

太空风暴让人类难以探测到 ET 的信号

Solidot
2 weeks 5 days ago
SETI 研究所的最新研究发现,太空风暴让人类难以探测到 ET 发射的无线电信号。行星信号发射源附近的恒星活动和等离子体湍流会使原本极其窄带的信号展宽,致使信号功率分散到更多频率上,因此在传统的窄带搜索中更难探测到。SETI 实验过去几十年一直致力于探测天体物理自然过程不太可能存在的频率尖峰。这项发表在《Astrophysical Journal》期刊上的研究显示,即使最初发射的信号非常窄,但信号离开其行星系统之后会展宽,因此会低于探测阈值。假设 ET 存在,且可能正在试图联系我们,但不可预测的太空天气干扰了信号,人类根本无法接收到。

9th March – Threat Intelligence Report

Check Point Research
2 weeks 5 days ago

For the latest discoveries in cyber research for the week of 9th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES AkzoNobel, a Netherlands-based global paint manufacturer, has confirmed a cyberattack affecting one of its United States sites. The company said the intrusion was contained, while the Anubis ransomware group claimed it stole […]

The post 9th March – Threat Intelligence Report appeared first on Check Point Research.

urias

Vietnam-Based Cybercrime Network Enables Fraudulent Account Signups at Scale

Cyber Security News
2 weeks 5 days ago

A sprawling cybercrime ecosystem rooted in Vietnam has been linked to large-scale fraudulent account registration campaigns targeting service providers and online platforms worldwide. Researchers traced this activity to an infrastructure cluster internally designated O-UNC-036, which uses disposable email addresses and automated bots to manufacture fake digital identities at an alarming scale.​ Fraudulent online accounts are […]

The post Vietnam-Based Cybercrime Network Enables Fraudulent Account Signups at Scale appeared first on Cyber Security News.

Tushar Subhra Dutta

Managed ad