Aggregator

A vulnerability was found in Apple iOS and iPadOS up to 15.1.1 and classified as problematic. This affects an unknown function of the component Kernel. Such manipulation leads to buffer overflow. This vulnerability is referenced as CVE-2021-30993. It is possible to launch the attack remotely. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability was found in Apple macOS up to 12.0. It has been classified as problematic. Affected is an unknown function of the component Kernel. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2021-30993. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability classified as problematic was found in Apple macOS up to 12.0. This affects an unknown part of the component Airport. Executing a manipulation can lead to information disclosure. This vulnerability appears as CVE-2021-30987. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability categorized as problematic has been discovered in Apple macOS up to 12.0. This affects an unknown part of the component LaunchServices. Such manipulation leads to improper access controls. This vulnerability is referenced as CVE-2021-30990. The attack can only be performed from a local environment. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability has been found in Apple macOS up to 12.0 and classified as problematic. Impacted is an unknown function of the component Bluetooth. This manipulation causes information disclosure. This vulnerability is handled as CVE-2021-30986. The attack can only be done within the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Array Networks ArrayOS AG up to 9.4.0.504. It has been classified as critical. The impacted element is an unknown function of the component Packets Handler. This manipulation causes command injection. This vulnerability is tracked as CVE-2023-51707. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability was found in starnight MicroHttpServer up to a8ab029. It has been rated as critical. This impacts the function _ParseHeader in the library lib/server.c of the component URI Handler. This manipulation causes buffer overflow. This vulnerability appears as CVE-2023-51771. The attacker needs to be present on the local network. There is no available exploit.

A vulnerability labeled as problematic has been found in PHPJabbers Event Ticketing System 1.0. Affected by this issue is some unknown functionality of the component Forgot Password Handler. The manipulation results in denial of service. This vulnerability was named CVE-2023-51339. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in PHPJabbers Meeting Room Booking System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. Executing a manipulation of the argument title/name can lead to cross site scripting. This vulnerability appears as CVE-2023-51338. The attack may be performed from remote. There is no available exploit.

A vulnerability identified as critical has been detected in PHPJabbers Meeting Room Booking System 1.0. Affected by this vulnerability is an unknown functionality of the component Languages Section Label Handler. The manipulation leads to csv injection. This vulnerability is uniquely identified as CVE-2023-51336. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in PHPJabbers Event Ticketing System 1.0 and classified as problematic. This impacts the function index. Such manipulation of the argument lid leads to cross site scripting. This vulnerability is documented as CVE-2023-51337. The attack can be executed remotely. There is not any exploit available.

A vulnerability, which was classified as critical, was found in Comfast CF-AC100 2.6.0.8. This affects the function sub_44AC14 of the file /cgi-bin/mbox-config?method=SET&section=ping_config of the component Request Path Handler. The manipulation results in command injection. This vulnerability is cataloged as CVE-2026-3798. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, has been found in Tiandy Video Surveillance System 视频监控平台 7.17.0. The impacted element is the function uploadFile of the file /src/com/tiandy/easy7/core/rest/CLS_REST_File.java. The manipulation of the argument fileName leads to unrestricted upload. This vulnerability is listed as CVE-2026-3797. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #766443 / VDB-349765

Submit #766386 / VDB-349764

APT28利用MSHTML零日漏洞攻击东欧政府军事机构

1500万账户数据泄露，波及PSN/Xbox/Steam/Epic

IBM报告：AI驱动攻击升级，勒索软件增49%

思科修复48个漏洞，2个CVSS10.0

A vulnerability classified as critical was found in Apple macOS up to 12.0. Affected by this vulnerability is an unknown functionality of the component WebKit. Executing a manipulation can lead to race condition. This vulnerability is registered as CVE-2021-30984. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is advised.