Aggregator

A vulnerability was found in JCE-Tech Shareasale Script 1.0. It has been declared as critical. Affected is an unknown function of the file merchant_product_list.php. Such manipulation of the argument mechant_id leads to sql injection. This vulnerability is uniquely identified as CVE-2010-2460. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability, which was classified as critical, has been found in Oracle Retail Store Inventory Management up to 16.0.3.7. This vulnerability affects unknown code of the component SIM Integration. This manipulation causes improper input validation. This vulnerability is tracked as CVE-2021-44832. The attack is possible to be carried out remotely. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability has been found in Oracle Agile Engineering Data Management 6.2.1.0 and classified as critical. This affects an unknown function of the component Installation Issues. The manipulation leads to improper input validation. This vulnerability is listed as CVE-2021-44832. The attack may be initiated remotely. There is no available exploit. The affected component should be upgraded.

A vulnerability was found in Oracle Agile PLM 9.3.6 and classified as critical. This impacts an unknown function of the component Security. The manipulation results in improper input validation. This vulnerability is cataloged as CVE-2021-44832. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability marked as critical has been reported in Oracle Retail Financial Integration 14.1.3.2/15.0.3.1/16.0.3/19.0.0/19.0.1. Affected is an unknown function of the component PeopleSoft Integration Bugs. Performing manipulation results in improper input validation. This vulnerability was named CVE-2021-44832. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in Oracle Retail Integration Bus 14.1.3.2/15.0.3.1/16.0.3/19.0.0/19.0.1. Affected by this vulnerability is an unknown functionality of the component RIB Kernal. Executing manipulation can lead to improper input validation. The identification of this vulnerability is CVE-2021-44832. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in Oracle Retail Merchandising System 16.0.3/19.0.1. Affected by this issue is some unknown functionality of the component Foundation. The manipulation leads to improper input validation. This vulnerability is referenced as CVE-2021-44832. Remote exploitation of the attack is possible. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Oracle Retail Service Backbone 14.1.3.2/15.0.3.1/16.0.3/19.0.0/19.0.1. This affects an unknown part of the component RSB Installation. The manipulation results in improper input validation. This vulnerability is identified as CVE-2021-44832. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.

New StorybyTechBeatbyTechBeat@techbeatHackerNoon’s rank of trending tech stories based on pageviews

Из тяжелой ракеты сделали сверхтяжелую для доставки грузов на Луну и не только.

Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute mali

Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2. "This browser-native, fileless framework leverages push notifications, fake alerts, and link redirects to target victims across operating systems," Blackfog researcher Brenda Robb said in a Thursday report. In

Zero-Day / Software SecurityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Fr

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2025-61757 (CVSS score: 9.8), a case of missing authentication for a critical function that can result in pre-authenticated

A vulnerability was found in Microsoft Windows. It has been declared as critical. This affects an unknown part of the component Ancillary Function Driver for WinSock. Such manipulation leads to use after free. This vulnerability is referenced as CVE-2025-53147. The attack can only be performed from a local environment. No exploit is available. Applying a patch is advised to resolve this issue.

A vulnerability has been found in Microsoft Windows and classified as critical. Affected is an unknown function of the component Message Queuing. The manipulation leads to type confusion. This vulnerability is uniquely identified as CVE-2025-53143. The attack is possible to be carried out remotely. No exploit exists. Applying a patch is the recommended action to fix this issue.

A vulnerability was found in Microsoft Windows and classified as critical. Affected by this vulnerability is an unknown functionality of the component Message Queuing. The manipulation results in type confusion. This vulnerability was named CVE-2025-53144. The attack may be performed from remote. There is no available exploit. It is best practice to apply a patch to resolve this issue.

A vulnerability was found in Microsoft Windows. It has been classified as critical. Affected by this issue is some unknown functionality of the component Message Queuing. This manipulation causes type confusion. The identification of this vulnerability is CVE-2025-53145. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

注：本文是笔者工作过程中思考事物、认识事物，准备改造事物的手稿之一，因接下来的工作中，拟计划使其数字安全建设与