Aggregator

CVE-2025-5815 | Traffic Monitor Plugin up to 3.2.2 on WordPress Setting tfcm_maybe_set_bot_flags authorization (EUVD-2025-18243)

8 months 2 weeks ago

A vulnerability was found in Traffic Monitor Plugin up to 3.2.2 on WordPress and classified as problematic. This issue affects the function tfcm_maybe_set_bot_flags of the component Setting Handler. The manipulation leads to missing authorization. The identification of this vulnerability is CVE-2025-5815. The attack may be initiated remotely. There is no exploit available.

vuldb.com

CVE-2025-5950 | IndieBlocks Plugin up to 0.13.2 on WordPress kind cross site scripting (EUVD-2025-18238)

VulDB Recent Entries

8 months 2 weeks ago

A vulnerability has been found in IndieBlocks Plugin up to 0.13.2 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation of the argument kind leads to cross site scripting. This vulnerability was named CVE-2025-5950. The attack can be initiated remotely. There is no exploit available.

vuldb.com

CVE-2025-5288 | REST API Plugin up to 2.0.3 on WordPress process_handler authorization (EUVD-2025-18240)

VulDB Recent Entries

8 months 2 weeks ago

A vulnerability, which was classified as critical, was found in REST API Plugin up to 2.0.3 on WordPress. This affects the function process_handler. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2025-5288. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2025-39496 | Product Filter Pro Plugin up to 2.7.6 on WordPress sql injection

VulDB Recent Entries

8 months 2 weeks ago

A vulnerability, which was classified as critical, has been found in Product Filter Pro Plugin up to 2.7.6 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. This vulnerability is handled as CVE-2025-39496. The attack may be launched remotely. There is no exploit available.

vuldb.com

Akira

Dark Feed IO

8 months 2 weeks ago

You must login to view this content

cohenido

Lawton Partners Falls Victim to Apos Security Ransomware Attack

Dark Web Informer - Cyber Threat Intelligence

8 months 2 weeks ago

Lawton Partners Falls Victim to Apos Security Ransomware Attack

Dark Web Informer - Cyber Threat Intelligence

Threat Actors Leverages DeepSeek-R1 Popularity to Attack Users Running Windows Devices

Cyber Security News

8 months 2 weeks ago

Cybercriminals have begun exploiting the surge in popularity of DeepSeek-R1, one of the most sought-after large language models currently available, to distribute a sophisticated new malware strain targeting Windows users. The malicious campaign uses the artificial intelligence chatbot’s growing demand as a lure to trick unsuspecting users into downloading what appears to be legitimate DeepSeek […]

The post Threat Actors Leverages DeepSeek-R1 Popularity to Attack Users Running Windows Devices appeared first on Cyber Security News.

Tushar Subhra Dutta

МВД требует срочных полномочий — банкам дадут три дня на ответ, а полиции — доступ к звонкам

Securitylab.ru

8 months 2 weeks ago

Полиция требует упростить доступ к данным и средствам граждан.

Akira

Dark Feed IO

8 months 2 weeks ago

You must login to view this content

cohenido

CVE-2025-49200 | SICK Field Analytics information disclosure (EUVD-2025-18176)

VulDB Recent Entries

8 months 2 weeks ago

A vulnerability classified as problematic was found in SICK Field Analytics. Affected by this vulnerability is an unknown functionality. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-49200. The attack can be launched remotely. There is no exploit available.

vuldb.com

CVE-2025-49198 | SICK Media Server random values (EUVD-2025-18178)

VulDB Recent Entries

8 months 2 weeks ago

A vulnerability classified as problematic has been found in SICK Media Server. Affected is an unknown function. The manipulation leads to insufficiently random values. This vulnerability is traded as CVE-2025-49198. It is possible to launch the attack remotely. There is no exploit available.

vuldb.com

CVE-2025-49197 | SICK Media Server up to 1.4 weak hash (EUVD-2025-18179)

VulDB Recent Entries

8 months 2 weeks ago

A vulnerability was found in SICK Media Server up to 1.4. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to use of weak hash. The identification of this vulnerability is CVE-2025-49197. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

OffensiveCon25 – Keynote: Automating Your Job? The Future Of AI and Exploit Development

Security Boulevard

8 months 2 weeks ago

Author/Presenter: Perri Adams

Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel.

Thanks and a Tip O' The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock GCTI, GWAPT, GCFA, GPEN, GPCS, GCPN, CRISC, CISA, CISM, CISSP, SSCP, CDPSE for recommending the OffensiveCon 25 conference.

Permalink

The post OffensiveCon25 – Keynote: Automating Your Job? The Future Of AI and Exploit Development appeared first on Security Boulevard.

Marc Handelman

CVE-2025-49195 | SICK Media Server excessive authentication (EUVD-2025-18194)

VulDB Recent Entries

8 months 2 weeks ago

A vulnerability was found in SICK Media Server. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability was named CVE-2025-49195. The attack can be initiated remotely. There is no exploit available.

vuldb.com

CVE-2025-49193 | SICK Field Analytics/Media Server protection mechanism

VulDB Recent Entries

8 months 2 weeks ago

A vulnerability was found in SICK Field Analytics and Media Server. It has been classified as problematic. This affects an unknown part. The manipulation leads to protection mechanism failure. This vulnerability is uniquely identified as CVE-2025-49193. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2025-49199 | SICK Field Analytics data authenticity (EUVD-2025-18177)

VulDB Recent Entries

8 months 2 weeks ago

A vulnerability was found in SICK Field Analytics and classified as very critical. Affected by this issue is some unknown functionality. The manipulation leads to insufficient verification of data authenticity. This vulnerability is handled as CVE-2025-49199. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2025-49194 | SICK Media Server cleartext transmission (EUVD-2025-18193)

VulDB Recent Entries

8 months 2 weeks ago

A vulnerability has been found in SICK Media Server and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is known as CVE-2025-49194. The attack can be launched remotely. There is no exploit available.

vuldb.com

GitLab security advisory (AV25-342)

CCCS - Alerts and advisories

8 months 2 weeks ago

Canadian Centre for Cyber Security

印度航空发生致命空难，至少 200 人死亡

Solidot

8 months 2 weeks ago

6 月 12 日下午，从印度艾哈迈达巴德飞往英国伦敦盖特威克机场的印度航空 171 号班机波音 787-8 客机，起飞期间在萨达尔·瓦拉巴伊·帕特尔国际机场附近坠毁。事故发生在毗邻机场、人口稠密的梅加尼纳加尔（Meghani Nagar）住房区。印度航空官方通告显示，机上载有 242 人，有一位幸存者；地面至少 28 人也遭波及遇难，已确认 269 人死亡。本次事故是波音 787 客机自 2011 年投入商业运营以来的首起致命空难。失事飞机服役了 11 年。机上有 169 名印度人、53 名英国人、7 名葡萄牙人和 1 名加拿大人。

CVE-2025-49192 | SICK Field Analytics/Media Server ui layer

VulDB Recent Entries

8 months 2 weeks ago

A vulnerability, which was classified as problematic, was found in SICK Field Analytics and Media Server. Affected is an unknown function. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is traded as CVE-2025-49192. It is possible to launch the attack remotely. There is no exploit available.

vuldb.com

Aggregator

Managed ad