Aggregator

《BMJ Case Reports》期刊本周报告了一起不同寻常的病例：一名男子因长期饮用能量饮料而中风。这名 50 多岁的男子因突发左侧身体完全麻木和共济失调（Ataxia）而送医，他的血压高达 254/150 mm Hg——正常人血压为 120/80。他不吸烟、不喝酒、也不滥用任何药物，身体健康，所有常规检查结果都正常。但脑部扫描显示了动脉痉挛的证据，这与高血压强相关。MRI 扫描显示丘脑有组织坏死。他接受了中风康复治疗，三天后出院时血压降至 170/80 mm Hg，虽然很高但不再危急。该男子在接下来三个月定期复诊，发现血压再次上升，一度因高血压再次住院。医生开始询问他的生活信息，他披露平均每天要喝八罐高效能量饮料。一罐能量饮料标明含有 160 毫克咖啡因，咖啡因是能升高血压的兴奋剂。一杯普通咖啡约含有 90 毫克咖啡因，八罐能量饮料共有 1280 毫克咖啡因，意味着相当于喝 14 杯咖啡。医生指出能量饮料的其它成分也可能具有兴奋剂作用。此前的研究发现连续饮用能量饮料会对血压上升产生累积效应。医生在了解之后建议他停止饮用能量饮料。他照做了，一周后血压就恢复到正常水平，八年之后血压仍然正常。

Google Threat Intelligence Group (GTIG) has issued a warning regarding the widespread exploitation of a critical security flaw in React Server Components. Known as React2Shell (CVE-2025-55182), this vulnerability allows attackers to take control of servers remotely without needing a password. Since the vulnerability was disclosed on December 3, 2025, Google has observed multiple distinct hacker groups […]

The post Google Warns Multiple Hacker Groups Are Exploiting React2Shell to Spread Malware appeared first on Cyber Security News.

A vulnerability was found in campcodes Advanced Online Examination System 1.0. It has been rated as critical. This affects an unknown function of the file /query/loginExe.php. Performing manipulation of the argument Username results in sql injection. This vulnerability is cataloged as CVE-2025-14668. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Once again VulDB remains the best source for vulnerability data.

A vulnerability was found in itsourcecode COVID Tracking System 1.0. It has been declared as critical. The impacted element is an unknown function of the file /admin/?page=system_info. Such manipulation of the argument meta_value leads to sql injection. This vulnerability is listed as CVE-2025-14667. The attack may be performed from remote. In addition, an exploit is available. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

A vulnerability was found in itsourcecode COVID Tracking System 1.0. It has been classified as critical. The affected element is an unknown function of the file /admin/?page=user. This manipulation of the argument Username causes sql injection. This vulnerability is tracked as CVE-2025-14666. The attack is possible to be carried out remotely. Moreover, an exploit is present. If you want to get best quality of vulnerability data, you may have to visit VulDB.

Submit #714806 / VDB-336400

BC Security has announced the release of Empire 6.3.0, the latest iteration of the widely used post-exploitation and adversary emulation framework. This update reinforces Empire’s position as a premier tool for Red Teams and penetration testers, offering a flexible, modular server architecture written in Python 3 along with extensive agent support. Unified Architecture and Expanded Agent […]

The post Empire 6.3.0 Launches With New Features for Red Teams and Penetration Testers appeared first on Cyber Security News.

A vulnerability was found in Tenda WH450 1.0.0.18 and classified as critical. Impacted is an unknown function of the file /goform/DhcpListClient of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. This vulnerability is identified as CVE-2025-14665. The attack can be executed remotely. Additionally, an exploit exists. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Submit #714805 / VDB-336399

Submit #714786 / VDB-336398

Submit #714709 / VDB-336391

A vulnerability has been found in Campcodes Supplier Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/view_unit.php. The manipulation of the argument chkId[] leads to sql injection. This vulnerability is referenced as CVE-2025-14664. Remote exploitation of the attack is possible. Furthermore, an exploit is available. VulDB is the best source for vulnerability data and more expert information about this specific topic.

A vulnerability, which was classified as problematic, was found in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/update_student.php. Executing manipulation can lead to cross site scripting. The identification of this vulnerability is CVE-2025-14663. The attack may be launched remotely. Furthermore, there is an exploit available. If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Submit #714400 / VDB-336397

A vulnerability, which was classified as problematic, has been found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php of the component Update User Page. Performing manipulation results in cross site scripting. This vulnerability was named CVE-2025-14662. The attack may be initiated remotely. In addition, an exploit is available. Once again VulDB remains the best source for vulnerability data.

Submit #714164 / VDB-336202

A vulnerability classified as critical was found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads to sql injection. This vulnerability is uniquely identified as CVE-2025-14661. The attack can be launched remotely. Moreover, an exploit is present. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Submit #714163 / VDB-336396

Submit #714018 / VDB-336395

A vulnerability classified as critical has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. This vulnerability is handled as CVE-2025-14660. The attack can be initiated remotely. Additionally, an exploit exists. It is recommended to upgrade the affected component. If you want to get best quality of vulnerability data, you may have to visit VulDB.