Aggregator

A vulnerability, which was classified as critical, has been found in SEMCMS 4.8. This issue affects some unknown processing of the file /web_inc.php. The manipulation of the argument languageID leads to sql injection. The identification of this vulnerability is CVE-2023-48864. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability was found in PublicCMS up to 4.0. It has been classified as problematic. Affected is an unknown function of the component Online Preview. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2023-51252. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Tenda AX1803 1.0.0.1. Affected by this issue is the function formSetIptv. The manipulation of the argument stbpvid leads to stack-based buffer overflow. This vulnerability is handled as CVE-2023-51952. The attack needs to be approached within the local network. There is no exploit available.

A new and alarming phishing campaign has surfaced, leveraging the credibility of a .gov domain to deceive employees into believing they owe unpaid tolls. Identified by the Cofense Phishing Defense Center (PDC), this campaign manipulates the GovDelivery system a legitimate communication tool used by several government agencies to lend an air of authenticity to its […]

The post TxTag Phishing Campaign Exploits .gov Domain to Deceive Employees appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Хакинг систем видеонаблюдения выходит из-под контроля.

Tonic Validate is a free, open-source library for evaluating RAG and LLM based applications. We recently announced a new listing on GitHub Marketplace that provides a GitHub Actions template to run Tonic Validate against code changes on every commit. Today, we’re following up with an additional listing that allows you to establish integration tests each time a branch is merged into your main branch.

The post Tonic Validate is now on GitHub Marketplace! (Part 2) appeared first on Security Boulevard.

We are proud to announce that we have successfully completed our HIPAA certification, marking a significant milestone in our commitment to data security and privacy. This achievement underscores our dedication to providing secure data environments for our clients, particularly those in the healthcare industry handling protected health information (PHI).

The post Tonic.ai Achieves HIPAA Compliance Certification, Ensuring Enhanced Security for Protected Health Information appeared first on Security Boulevard.

Tonic Validate, our free, open-source library for evaluating RAG and LLM-based applications, can be run entirely as a GitHub Action. And it's now available for quick deployment on GitHub Marketplace!

The post Tonic Validate is now available on GitHub Marketplace! appeared first on Security Boulevard.

A vulnerability was found in Mozilla Firefox up to 114. It has been classified as critical. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2023-37211. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Thunderbird up to 102.12. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2023-37211. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Thunderbird. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2023-4057. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2023-4057. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mozilla Thunderbird. Affected is the function FilePickerShownCallback of the component IPC. The manipulation leads to use after free. This vulnerability is traded as CVE-2023-4575. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Mozilla Firefox up to 116. This affects an unknown part of the component IPC FilePickerShownCallback. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2023-4575. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Mozilla Firefox up to 116. This issue affects the function UpdateRegExpStatics of the component JIT. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2023-4577. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 115.1. It has been classified as problematic. Affected is an unknown function of the component Private Window. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2023-4583. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Thunderbird up to 115.1 and classified as critical. Affected by this vulnerability is the function UpdateRegExpStatics of the component JIT. The manipulation leads to memory corruption. This vulnerability is known as CVE-2023-4577. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Mozilla Firefox up to 116. Affected is an unknown function of the component Private Window. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2023-4583. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

83% компаний нарастили защиту. Но 88% всё ещё зависят от одного вендора.

A recent threat hunting session has revealed a sophisticated PowerShell script, named y1.ps1, hosted in an open directory on a Chinese server (IP: 123.207.215.76). First detected on June 1, 2025, this script operates as a shellcode loader, employing advanced in-memory execution techniques to bypass traditional disk-based detection mechanisms. The discovery, attributed to Shenzhen Tencent Computer […]

The post PowerShell Loaders Use In-Memory Execution to Evade Disk-Based Detection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.