Aggregator

A vulnerability was found in Oracle WebLogic Server 14.1.1.0.0. It has been classified as critical. This affects an unknown part of the component Samples. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2022-25647. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Oracle Communications Unified Inventory Management 7.4.0/7.4.1/7.4.2/7.5.0. Affected is an unknown function of the component REST API. The manipulation leads to denial of service. This vulnerability is traded as CVE-2022-25647. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Oracle Communications Cloud Native Core Automated Test Suite 22.2.2/22.3.1/22.4.0. Affected is an unknown function of the component ATS Framework. The manipulation leads to denial of service. This vulnerability is traded as CVE-2022-25647. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in Oracle Communications Cloud Native Core Binding Support Function 22.2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Install/Upgrade. The manipulation leads to denial of service. This vulnerability is known as CVE-2022-25647. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Oracle Communications Performance Intelligence Center (PIC) Software 10.4.0.4.1. Affected is an unknown function of the component Management. The manipulation leads to denial of service. This vulnerability is traded as CVE-2022-25647. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in Oracle Utilities Testing Accelerator 6.0.0.1.3/6.0.0.2.4/6.0.0.3.3 and classified as critical. This vulnerability affects unknown code of the component Tools. The manipulation leads to denial of service. This vulnerability was named CVE-2022-25647. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Oracle GoldenGate Stream Analytics. This issue affects some unknown processing of the component GoldenGate Stream Analytics. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2022-25647. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical was found in Oracle Siebel Core-Common Components up to 22.8. This vulnerability affects unknown code of the component DISA. The manipulation leads to denial of service. This vulnerability was named CVE-2022-25647. The attack can be initiated remotely. There is no exploit available.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for May 2025.

Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for May 2025.

An employee at Elon Musk’s artificial intelligence venture, xAI, inadvertently disclosed a sensitive API key on GitHub, potentially exposing proprietary large language models (LLMs) linked to SpaceX, Tesla, and Twitter/X. Cybersecurity specialists estimate the leak remained active for two months, offering outsiders the capability to access and query highly confidential AI systems engineered with internal […]

The post xAI Developer Accidentally Leaks API Key Granting Access to SpaceX, Tesla, and X LLMs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Submit #564314 / VDB-307417

Submit #564311 / VDB-307416

Submit #564301 / VDB-307415

Submit #564284 / VDB-206248

A vulnerability was found in Web Stories Plugin up to 1.24.0 on WordPress. It has been classified as critical. This affects an unknown part of the file /v1/hotlink/proxy of the component REST API Endpoint Handler. The manipulation of the argument url leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2022-3708. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in D-Link DIR-823G 1.0.2 and classified as critical. Affected by this vulnerability is the function SetNetworkTomographySettings of the component Packet Handler. The manipulation leads to command injection. This vulnerability is known as CVE-2022-43109. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in Tenda AC23 16.03.07.45_cn. It has been rated as critical. This issue affects the function fromSetSysTime. The manipulation of the argument timeZone leads to out-of-bounds write. The identification of this vulnerability is CVE-2022-43102. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Tenda AC23 16.03.07.45_cn. Affected is the function formSetQosBand of the component Parameter Handler. The manipulation of the argument list leads to out-of-bounds write. This vulnerability is traded as CVE-2022-43103. It is possible to launch the attack remotely. Furthermore, there is an exploit available.