Aggregator

CVE-2022-45416 | Mozilla Firefox Keyboard Event timing discrepancy (Nessus ID 249965)

Vuldb Updates
2 days 16 hours ago
A vulnerability was found in Mozilla Firefox. It has been declared as problematic. This affects an unknown part of the component Keyboard Event Handler. The manipulation leads to observable timing discrepancy. This vulnerability is uniquely identified as CVE-2022-45416. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-21954 | Linux Kernel up to 6.12.19/6.13.7 netmem ip_proto privilege escalation (Nessus ID 249973 / WID-SEC-2025-0683)

Vuldb Updates
2 days 16 hours ago
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.19/6.13.7. This vulnerability affects the function ip_proto of the component netmem. The manipulation leads to privilege escalation. This vulnerability was named CVE-2025-21954. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-13978 | LibTIFF up to 4.7.0 fax2ps tools/tiff2pdf.c t2p_read_tiff_init null pointer dereference (Issue 649 / EUVD-2024-54843)

Vuldb Updates
2 days 16 hours ago
A vulnerability categorized as problematic has been discovered in LibTIFF up to 4.7.0. Affected by this vulnerability is the function t2p_read_tiff_init of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-13978. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2003-0347 | Microsoft Office 97/2000/XP HTML heap-based overflow (MS03-037 / VU#804780)

Vuldb Updates
2 days 16 hours ago
A vulnerability identified as very critical has been detected in Microsoft Office 97/2000/XP. This vulnerability affects unknown code of the component HTML Handler. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2003-0347. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2003-0349 | Microsoft Windows 5 Media Service ISAPI Extension /scripts POST Request memory corruption (VU#113716 / EDB-16355)

Vuldb Updates
2 days 16 hours ago
A vulnerability marked as problematic has been reported in Microsoft Windows 5. This vulnerability affects unknown code in the library nsiislog.dll of the file /scripts of the component Media Service ISAPI Extension. The manipulation as part of POST Request leads to memory corruption. This vulnerability was named CVE-2003-0349. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2010-1719 | Moto-treks Com Mtfireeagle 1.2 index.php controller path traversal (EDB-12233 / Nessus ID 43636)

Vuldb Updates
2 days 16 hours ago
A vulnerability was found in Moto-treks Com Mtfireeagle 1.2 and classified as problematic. This affects an unknown part of the file index.php. The manipulation of the argument controller leads to path traversal. This vulnerability is uniquely identified as CVE-2010-1719. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2010-1600 | Thefactory Com Mediamall 1.0.4 com_media index.php Category sql injection (EDB-12234 / XFDB-57906)

Vuldb Updates
2 days 16 hours ago
A vulnerability labeled as critical has been found in Thefactory Com Mediamall 1.0.4. This issue affects some unknown processing of the file index.php of the component com_media. The manipulation of the argument Category leads to sql injection. The identification of this vulnerability is CVE-2010-1600. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2010-1491 | Mms.pipp Com Mmsblog 2.3.0 index.php controller path traversal (EDB-12318 / Nessus ID 43636)

Vuldb Updates
2 days 16 hours ago
A vulnerability, which was classified as problematic, was found in Mms.pipp Com Mmsblog 2.3.0. This issue affects some unknown processing of the file index.php. The manipulation of the argument controller leads to path traversal. The identification of this vulnerability is CVE-2010-1491. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2010-2050 | M0r0n Com Mscomment 0.8.0 index.php controller path traversal (EDB-12611 / Nessus ID 43636)

Vuldb Updates
2 days 16 hours ago
A vulnerability was found in M0r0n Com Mscomment 0.8.0. It has been classified as problematic. Affected is an unknown function of the file index.php. The manipulation of the argument controller leads to path traversal. This vulnerability is traded as CVE-2010-2050. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2010-1307 | Software.realtyna Com Joomlaupdater 2.0.8 Updater index.php controller path traversal (EDB-12070 / XFDB-57531)

Vuldb Updates
2 days 16 hours ago
A vulnerability labeled as problematic has been found in Software.realtyna Com Joomlaupdater 2.0.8. This issue affects some unknown processing of the file index.php of the component Updater. The manipulation of the argument controller leads to path traversal. The identification of this vulnerability is CVE-2010-1307. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2010-1495 | Matamko Com Matamko 1.01 index.php controller path traversal (EDB-12286 / BID-39550)

Vuldb Updates
2 days 16 hours ago
A vulnerability was found in Matamko Com Matamko 1.01. It has been declared as problematic. This affects an unknown part of the file index.php. The manipulation of the argument controller leads to path traversal. This vulnerability is uniquely identified as CVE-2010-1495. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-9093 | BuzzFeed App 2024.9 on Android com.buzzfeed.android AndroidManifest.xml improper export of android application components

Vuldb Updates
2 days 16 hours ago
A vulnerability labeled as problematic has been found in BuzzFeed App 2024.9 on Android. This affects an unknown part of the file AndroidManifest.xml of the component com.buzzfeed.android. The manipulation leads to improper export of android application components. This vulnerability is uniquely identified as CVE-2025-9093. The attack needs to be approached locally. Furthermore, there is an exploit available.
vuldb.com

The AI-Powered Threat: Key Findings from the CrowdStrike Global Threat Report 2025

Penetration Testing Tools - Metepreter.org
2 days 16 hours ago

CrowdStrike has released its Global Threat Report 2025, documenting a profound shift in the behavior of both cybercriminals and state-sponsored groups. Analysts have described 2024 as “the year of the enterprising adversary”—threat actors are...

The post The AI-Powered Threat: Key Findings from the CrowdStrike Global Threat Report 2025 appeared first on Penetration Testing Tools.

ddos

Google’s New Crypto App Rules: A Game-Changer for a Safer Digital Ecosystem

Penetration Testing Tools - Metepreter.org
2 days 16 hours ago

Google has introduced a new requirement for developers of cryptocurrency exchange and wallet applications, mandating that they obtain official government licenses prior to publication. The company explains that this initiative is intended to foster...

The post Google’s New Crypto App Rules: A Game-Changer for a Safer Digital Ecosystem appeared first on Penetration Testing Tools.

ddos

CVE-2025-7458 | SQLite up to 3.41.1 SELECT Statement sqlite3KeyInfoFromExprList integer overflow (Nessus ID 249982)

Vuldb Updates
2 days 16 hours ago
A vulnerability was found in SQLite up to 3.41.1. It has been rated as problematic. Affected by this issue is the function sqlite3KeyInfoFromExprList of the component SELECT Statement Handler. The manipulation leads to integer overflow. This vulnerability is handled as CVE-2025-7458. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-46206 | Artifex mupdf 1.25.5/1.25.6 mutool clean utility /Next strip_outline recursion (Nessus ID 249976)

Vuldb Updates
2 days 16 hours ago
A vulnerability was found in Artifex mupdf 1.25.5/1.25.6. It has been classified as problematic. Affected is the function strip_outline of the file /Next of the component mutool clean utility. The manipulation leads to uncontrolled recursion. This vulnerability is traded as CVE-2025-46206. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-8534 | libtiff 4.6.0 tiff2ps tools/tiff2ps.c PS_Lvl2page null pointer dereference (Issue 718 / EUVD-2025-23581)

Vuldb Updates
2 days 16 hours ago
A vulnerability identified as problematic has been detected in libtiff 4.6.0. This vulnerability affects the function PS_Lvl2page of the file tools/tiff2ps.c of the component tiff2ps. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2025-8534. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue. One of the maintainers explains, that "[t]his error only occurs if DEFER_STRILE_LOAD (defer-strile-load:BOOL=ON) or TIFFOpen( .. "rD") option is used."
vuldb.com

CVE-2025-38410 | Linux Kernel up to 6.16-rc2 msm drm_sched_entity_push_job memory leak (Nessus ID 249984)

Vuldb Updates
2 days 16 hours ago
A vulnerability described as critical has been identified in Linux Kernel up to 6.16-rc2. This affects the function drm_sched_entity_push_job of the component msm. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2025-38410. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad