Aggregator

A vulnerability classified as problematic has been found in Netis WF2880 2.1.40207. This affects the function FUN_004904c8 of the file cgitest.cgi of the component Environment Variable Handler. The manipulation of the argument CONTENT_LENGTH leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-45835. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as problematic was found in cPanel 11.18.3/11.21. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2008-1499. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Microsoft Windows. It has been classified as problematic. This affects an unknown part of the component GDI. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2020-0882. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been rated as problematic. This issue affects some unknown processing of the component Graphics Component. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2020-0885. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic has been found in Microsoft Windows. This affects an unknown part of the component GDI. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2020-0774. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Microsoft Windows and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Imaging. The manipulation leads to information disclosure. This vulnerability is known as CVE-2020-0853. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows and classified as problematic. Affected by this issue is some unknown functionality of the component GDI. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2020-0880. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Mattermost up to 8.1.11/9.4.4/9.5.2/9.6.0/9.7.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component JSON Parser. The manipulation leads to improper check for unusual conditions. This vulnerability is known as CVE-2024-4182. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mattermost up to 8.1.11/9.5.2/9.6.0/9.7.0 and classified as problematic. Affected by this issue is some unknown functionality of the component HTTP Request Handler. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2024-4195. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mattermost up to 8.1.11/9.5.2/9.6.0/9.7.0. It has been classified as problematic. This affects an unknown part of the component HTTP Request Handler. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2024-4198. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Zoho ManageEngine ADAudit Plus up to 7271. Affected by this issue is some unknown functionality of the component Report Data Aggregation. The manipulation leads to injection. This vulnerability is handled as CVE-2023-49330. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

For the latest discoveries in cyber research for the week of 12th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The UK’s Legal Aid Agency has suffered a cyberattack. The agency, which operates under the Ministry of Justice to provide billions in legal aid funding, has stated that financial information relating to […]

The post 12th May – Threat Intelligence Report appeared first on Check Point Research.

Threat actors use fake AI tools to trick users into installing the information stealer Noodlophile, Morphisec researchers warn. Morphisec researchers observed attackers exploiting AI hype to spread malware via fake AI tools promoted in viral posts and Facebook groups. Users seeking free AI video tools unknowingly download Noodlophile Stealer, a new malware that steals browser […]

Антиреклама Telegram — в Telegram: гениально или отчаянно?

一、语义分析介绍 1.1 介绍 此次分析的语义分析模块使用的是 https://github.com/wall […]

仓库代码  https://github.com/aaPanel/aaWAF/tree/main/p […]

She@Cyber training program is focused on improving the representation of women and other underrepresented groups in the cybersecurity industry

Reducing energy waste is an operations principle for NETSCOUT. Lean operations support both cost savings and companywide sustainability goals. As discussed in our previous blog on sustainability, NETSCOUT has made significant progress in reducing the amount of energy consumed by its InfiniStream network monitoring...