Aggregator

The AI security race is on — and it will be won where defenders come together with developers and researchers to do things right.

火星上是否存在过生命我们暂时还不得而知，但今天的火星显然不太适合生命生存。然而根据发表在《IMA Fungus》期刊上的一项研究，能在地球极端恶劣环境中生存的地衣或能在火星上生存。地衣是一种共生体，即两个物种之间存在相互合作的关系。地衣由真菌和能进行光合作用的藻类组成。研究人员在模拟火星的环境以及强电离辐射下测试了地衣物种 Diploschistes muscorum 和 Cetrarea aculeata。结果显示地衣的新陈代谢仍然活跃，太阳耀斑产生的 X 射线不太可能影响其潜在宜居性。研究人员表示需要对其进行进一步的研究以了解如何减轻辐射损伤。

A vulnerability was found in songquanpeng one-api up to 0.6.10. It has been classified as problematic. This affects an unknown part of the component System Setting Handler. The manipulation of the argument Homepage Content/About System/Footer leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-3801. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This issue affects some unknown processing of the component API. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2025-3850. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This vulnerability affects unknown code of the file /api/studentPWD. The manipulation of the argument studentId leads to unverified password change. This vulnerability was named CVE-2025-3849. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #556413 / VDB-305655

Submit #556412 / VDB-305655

Submit #556370 / VDB-305777

Submit #556285 / VDB-305777

Submit #556284 / VDB-305777

Submit #556283 / VDB-305776

A vulnerability classified as critical has been found in markparticle WebServer up to 1.0. This affects an unknown part of the file code/http/httprequest.cpp of the component Login. The manipulation of the argument username/password leads to sql injection. This vulnerability is uniquely identified as CVE-2025-3847. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in markparticle WebServer up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file code/http/httprequest.cpp of the component Registration. The manipulation of the argument username/password leads to sql injection. This vulnerability is handled as CVE-2025-3846. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in markparticle WebServer up to 1.0. It has been declared as critical. Affected by this vulnerability is the function Buffer::HasWritten of the file code/buffer/buffer.cpp. The manipulation of the argument writePos_ leads to buffer overflow. This vulnerability is known as CVE-2025-3845. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Google Chrome and classified as critical. Affected by this issue is some unknown functionality of the component libvpx. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2023-5217. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in phpkobo AjaxNewTicker 1.0.5 and classified as problematic. This vulnerability affects unknown code of the file index.php. The manipulation of the argument Title leads to cross site scripting. This vulnerability was named CVE-2023-41446. The attack can be initiated remotely. There is no exploit available.