Aggregator

A vulnerability classified as critical was found in Siemens TeleControl Server Basic 3.1.2.1. This vulnerability affects the function UpdateConnectionVariablesWithImport. The manipulation leads to sql injection. This vulnerability was named CVE-2025-32834. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Siemens TeleControl Server Basic 3.1.2.1. This affects the function UnlockProjectUserRights. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2025-32833. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens TeleControl Server Basic 3.1.2.1. It has been rated as critical. Affected by this issue is the function LockProjectUserRights. The manipulation leads to sql injection. This vulnerability is handled as CVE-2025-32832. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens TeleControl Server Basic 3.1.2.1. It has been declared as critical. Affected by this vulnerability is the function UpdateProjectUserRights. The manipulation leads to sql injection. This vulnerability is known as CVE-2025-32831. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens TeleControl Server Basic 3.1.2.1. It has been classified as critical. Affected is the function UnlockProject. The manipulation leads to sql injection. This vulnerability is traded as CVE-2025-32830. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens TeleControl Server Basic 3.1.2.1 and classified as critical. This issue affects the function LockProjectCrossCommunications. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2025-32829. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in LRQA Nettitude PoshC2 and classified as critical. This vulnerability affects the function upload_file of the component POST Request Handler. The manipulation leads to privilege escalation. This vulnerability was named CVE-2024-53303. The attack can be initiated remotely. There is no exploit available.

Apple released emergency security updates to patch two zero-day vulnerabilities that were used in an "extremely sophisticated attack" against specific targets' iPhones. [...]

A vulnerability, which was classified as problematic, was found in net-html up to 0.37.x on Go. This affects the function Parse of the component Tokenizer. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-22872. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A critical vulnerability in Microsoft Windows, identified as CVE-2025-24054, has been actively exploited in the wild since March 19, 2025, targets organizations worldwide. The flaw, which enables NTLM hash disclosure through spoofing, allows attackers to harvest sensitive user credentials with minimal interaction, potentially leading to privilege escalation and full network compromise. Despite Microsoft releasing a […]

The post Windows NTLM Vulnerability (CVE-2025-24054) Actively Exploit in the Wild to Hack Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, has been found in Siemens TeleControl Server Basic 3.1.2.1. Affected by this issue is the function UpdateProjectCrossCommunications. The manipulation leads to sql injection. This vulnerability is handled as CVE-2025-32828. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Siemens TeleControl Server Basic 3.1.2.1. Affected by this vulnerability is the function ActivateProject. The manipulation leads to sql injection. This vulnerability is known as CVE-2025-32827. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Siemens TeleControl Server Basic 3.1.2.1. Affected is the function GetActiveProjects. The manipulation leads to sql injection. This vulnerability is traded as CVE-2025-32826. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens TeleControl Server Basic 3.1.2.1. It has been rated as critical. This issue affects the function GetProjects. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2025-32825. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens TeleControl Server Basic 3.1.2.1. It has been declared as critical. This vulnerability affects the function UnlockProject. The manipulation leads to sql injection. This vulnerability was named CVE-2025-32824. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens TeleControl Server Basic 3.1.2.1. It has been classified as critical. This affects the function LockProject. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2025-32823. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens TeleControl Server Basic 3.1.2.1 and classified as critical. Affected by this issue is the function DeleteProject. The manipulation leads to sql injection. This vulnerability is handled as CVE-2025-32822. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Siemens TeleControl Server Basic 3.1.2.1 and classified as critical. Affected by this vulnerability is the function UpdateProject. The manipulation leads to sql injection. This vulnerability is known as CVE-2025-32475. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.