Aggregator

A vulnerability classified as critical was found in Huawei HarmonyOS 5.0.1/5.1.0. This vulnerability affects unknown code of the component Distributed Camera. The manipulation leads to permission issues. This vulnerability was named CVE-2025-53168. The attack can only be done within the local network. There is no exploit available.

A vulnerability classified as critical has been found in Huawei HarmonyOS and EMUI. This affects an unknown part of the component Audio Framework Module. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2025-53186. Attacking locally is a requirement. There is no exploit available.

A vulnerability was found in Nimesa Backup and Recovery 2.3/2.4. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to os command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2025-48501. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in TeamT5 ThreatSonar Anti-Ransomware up to 3.8.3. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to os command injection. This vulnerability is known as CVE-2025-7145. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Huawei HarmonyOS and EMUI. It has been classified as critical. Affected is an unknown function of the component Memory Management Module. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-53185. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in run-llama llama_index up to 0.12.40 and classified as problematic. This issue affects the function pickle.loads of the component Pickle Module. The manipulation leads to deserialization. The identification of this vulnerability is CVE-2025-3108. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in ScriptsEz Mini Hosting Panel and classified as problematic. This issue affects some unknown processing of the file hosting/admin_ac.php. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2009-4826. The attack may be initiated remotely. Furthermore, there is an exploit available.

Aegis Authenticator is an open-source 2FA app for Android that helps you manage login codes for your online accounts. The app features strong encryption and the ability to back up your data. It supports both HOTP and TOTP, so it works with thousands of services. It also allows the export or import from a wide variety of 2FA apps, with support for automatic backups. Aegis Authenticator is available for free on GitHub. Must read: 35 … More →

The post Aegis Authenticator: Free, open-source 2FA app for Android appeared first on Help Net Security.

音频编码器是多模态大模型的重要组件，优秀的音频编码器在构建多模态系统中至关重要。

当前环境出现异常问题，需完成验证操作后才能继续访问相关内容或功能。

用户在实习任务中被提供一个公钥和一个加密/私钥字符串，需找出解密密钥以验证私钥真实性。尝试了书名、ISBN等线索未果，寻求帮助确定加密算法或可能的解密密钥来源。

A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educar_curso_det.php?cod_curso=ID of the component Course Module. The manipulation of the argument Curso leads to cross site scripting. This vulnerability was named CVE-2025-7111. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

5000 рублей за ЛК — а потом уголовное дело.

真相往往不是被掩埋，而是被精心包装。

当前环境出现异常状态，请完成验证后继续访问。

Reddit上的r/netsecstudents社区为学习网络安全性提供资源和帮助。一名用户在视频通话中遇到摄像头无法开启的问题，怀疑可能被黑客攻击或存在异常情况。

这是一个网络社区，专注于网络安全领域的学习与交流。用户可以在此分享资源、提出问题并互相帮助。社区鼓励遵守规则以维护良好的讨论环境。

A vulnerability classified as problematic was found in GitLab up to 15.8.4/15.9.3/15.10.0. This vulnerability affects unknown code of the component Environment Name Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2023-0319. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in huedawn-tesseract and dawnsparks-node-tesseract. Affected is the function child_process. The manipulation leads to command injection. This vulnerability is traded as CVE-2023-29566. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in radare2 up to 5.8.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to failure to sanitize special elements into a different plane (special element injection). This vulnerability is handled as CVE-2023-0302. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.