Submit #631528: Linksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) Stack-based Buffer Overflow [Accepted]
Submit #631528 / VDB-321059
Aggregator
Submit #631527: Linksys RE6500、RE6250、RE6300、RE6350、RE7000、RE9000 RE6500(1.0.013.001) RE6250(1.0.04.001) RE6300(1.2.07.001) RE6350(1.0.04.001) RE7000(1.1.05.003) RE9000(1.0.04.002) Stack-based Buffer Overflow [Accepted]
3 days 3 hours ago
Submit #631527 / VDB-321058
pjq123
CVE-2025-51605 | Shopizer 3.2.7 cross-domain policy
3 days 3 hours ago
A vulnerability categorized as critical has been discovered in Shopizer 3.2.7. Affected is an unknown function. Such manipulation leads to permissive cross-domain policy with untrusted domains.
This vulnerability is documented as CVE-2025-51605. The attack can be executed remotely. There is not any exploit available.
vuldb.com
CVE-2025-53363 | donknap dpanel up to 1.7.2 get-from-uri GetFromUri file inclusion (EUVD-2025-25585)
3 days 3 hours ago
A vulnerability was found in donknap dpanel up to 1.7.2. It has been rated as problematic. This impacts the function GetFromUri of the file /api/app/compose/get-from-uri. This manipulation of the argument uri causes file inclusion.
This vulnerability is registered as CVE-2025-53363. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com
CVE-2025-50674 | OpenMediaVault 7.4.17 user.inc changePassword Local Privilege Escalation
3 days 3 hours ago
A vulnerability was found in OpenMediaVault 7.4.17. It has been declared as critical. This affects the function changePassword of the file /usr/share/php/openmediavault/system/user.inc. The manipulation results in Local Privilege Escalation.
This vulnerability is cataloged as CVE-2025-50674. The attack must be initiated from a local position. There is no exploit available.
vuldb.com
CVE-2025-55573 | QuantumNous new-api 0.8.5.2 cross site scripting
3 days 3 hours ago
A vulnerability was found in QuantumNous new-api 0.8.5.2. It has been classified as problematic. The impacted element is an unknown function. The manipulation leads to cross site scripting.
This vulnerability is listed as CVE-2025-55573. The attack may be initiated remotely. There is no available exploit.
vuldb.com
Intel снова подставилась. Но на этот раз дело не в процессорах
3 days 3 hours ago
Intel годами жила на халявном коде, а теперь ей показали, что он не защищает даже данные.
CVE-2025-51825 | JeecgBoot up to 3.8.0 parseSql sql injection (Issue 8335 / EUVD-2025-25520)
3 days 3 hours ago
A vulnerability was found in JeecgBoot up to 3.8.0 and classified as critical. The affected element is an unknown function of the file /jeecg-boot/online/cgreport/head/parseSql. Executing manipulation can lead to sql injection.
This vulnerability is tracked as CVE-2025-51825. The attack can be launched remotely. No exploit exists.
vuldb.com
CVE-2009-10006 | UFO Alien Invasion up to 2.2.1 stack-based overflow (EDB-14013)
3 days 3 hours ago
A vulnerability has been found in UFO Alien Invasion up to 2.2.1 and classified as critical. Impacted is an unknown function. Performing manipulation results in stack-based buffer overflow.
This vulnerability is identified as CVE-2009-10006. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com
CVE-2025-50691 | MCSManager 10.5.3 information disclosure (EUVD-2025-25522)
3 days 3 hours ago
A vulnerability, which was classified as problematic, was found in MCSManager 10.5.3. This issue affects some unknown processing. Such manipulation leads to information disclosure.
This vulnerability is referenced as CVE-2025-50691. The attack needs to be initiated within the local network. No exploit is available.
A patch should be applied to remediate this issue.
vuldb.com
CVE-2025-33120 | IBM QRadar SIEM up to 7.5.0 UP13 cronjob unnecessary privileges
3 days 3 hours ago
A vulnerability, which was classified as critical, has been found in IBM QRadar SIEM up to 7.5.0 UP13. This vulnerability affects unknown code of the component cronjob. This manipulation causes execution with unnecessary privileges.
The identification of this vulnerability is CVE-2025-33120. The attack can only be executed locally. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2025-36042 | IBM QRadar SIEM 7.5.0 Web UI cross site scripting
3 days 3 hours ago
A vulnerability classified as problematic was found in IBM QRadar SIEM 7.5.0. This affects an unknown part of the component Web UI. The manipulation results in cross site scripting.
This vulnerability was named CVE-2025-36042. The attack may be performed from a remote location. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
Chinese MURKY PANDA Attacking Government and Professional Services Entities
3 days 3 hours ago
A sophisticated China-nexus threat actor designated MURKY PANDA has emerged as a significant cybersecurity concern, conducting extensive cyberespionage operations against government, technology, academic, legal, and professional services entities across North America since late 2024. This advanced persistent threat group demonstrates exceptional capabilities in cloud environment exploitation and trusted-relationship compromises, marking a concerning evolution in state-sponsored […]
The post Chinese MURKY PANDA Attacking Government and Professional Services Entities appeared first on Cyber Security News.
Tushar Subhra Dutta
审稿人如果审的论文引用了其工作会更可能批准
3 days 3 hours ago
根据对四家开放获取期刊出版物发表的 18,400 篇论文的分析,如果审稿人自己的论文在手稿后续修改版本中被引用,那么相比那些没有引用的手稿,它们更可能获得批准。研究作者 Adrian Barnett 在澳大利昆士兰科技大学从事同行评审和元研究(meta-research)研究,他表示研究灵感来自轶事传闻,据说作者因为审稿人的要求而在论文中添加新的引用。他认为少量引用是可以接受的,但如果要求引用的数量过多,或者引用理由不充分,那么审稿流程就变成交易型(transactional),引用会增加一名研究人员的 h-index。研究针对的四个开放获取平台——F1000Research、Wellcome Open Research、Gates Open Research 和 Open Research Europ——它们公开了论文的所有版本以及审稿人意见。每篇论文的手稿至少需要有两位审稿人发表评论意见。近 5000 篇论文引用了一位审稿人的论文,有 2300 篇审稿人意见要求引用审稿人的论文。
Hackers Abuse VPS Servers To Compromise Software-as-a-service (SaaS) Accounts
3 days 3 hours ago
Cybercriminals are increasingly leveraging Virtual Private Server (VPS) infrastructure to orchestrate sophisticated attacks against Software-as-a-Service (SaaS) platforms, exploiting the anonymity and clean reputation of these hosting services to bypass traditional security controls. A coordinated campaign identified in early 2025 demonstrated how threat actors systematically abuse VPS providers like Hyonix, Host Universal, Mevspace, and Hivelocity to […]
The post Hackers Abuse VPS Servers To Compromise Software-as-a-service (SaaS) Accounts appeared first on Cyber Security News.
Tushar Subhra Dutta
CVE-2023-20088 | Cisco Finesse Reverse Proxy VPN-less Access denial of service (cisco-sa-finesse-proxy-dos-vY5dQhrV / EUVD-2023-24267)
3 days 3 hours ago
A vulnerability labeled as problematic has been found in Cisco Finesse. Impacted is an unknown function of the component Reverse Proxy VPN-less Access. Executing manipulation can lead to denial of service.
This vulnerability is handled as CVE-2023-20088. The attack can be executed remotely. There is not any exploit available.
The affected component should be upgraded.
vuldb.com
Lumma Operators Deploy Cutting-Edge Evasion Tools to Maintain Stealth and Persistence
3 days 3 hours ago
Lumma infostealer affiliates’ complex operating framework was revealed by Insikt Group in a ground-breaking report published on August 22, 2025, underscoring their reliance on cutting-edge evasion technologies to support cybercrime operations. The Lumma malware, a prominent malware-as-a-service (MaaS) platform since 2022, facilitates data exfiltration from browsers, cryptocurrency wallets, and system credentials, supported by a decentralized […]
The post Lumma Operators Deploy Cutting-Edge Evasion Tools to Maintain Stealth and Persistence appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Aman Mishra
Akira
3 days 3 hours ago
You must login to view this content
cohenido
Akira
3 days 3 hours ago
You must login to view this content
cohenido
Akira
3 days 3 hours ago
You must login to view this content
cohenido