Aggregator

CVE-2025-3549 | Open Asset Import Library Assimp 5.4.3 File MD3Loader.cpp ValidateSurfaceHeaderOffsets heap-based overflow (Issue 6070)

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/AssetLib/MD3/MD3Loader.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2025-3549. The attack needs to be approached locally. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-3548 | Open Asset Import Library Assimp up to 5.4.3 File include/assimp/types.h aiString::Set heap-based overflow (Issue 6068)

VulDB Recent Entries
9 months 4 weeks ago
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h of the component File Handler. The manipulation leads to heap-based buffer overflow. The identification of this vulnerability is CVE-2025-3548. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

GitHub 短暂限制中国 IP 访问

Solidot
9 months 4 weeks ago
根据用户在 GitHub Community 上的报告,中国大陆 IP 地址访问 GitHub 显示了“Access to this site has been restricted”的错误信息,GitHub 返回了 HTTP CODE 403 错误信息,意味着这是 GitHub 方面采取的行动。目前官方尚未做出回应,对中国大陆 IP 的限制已经解除。更新:GitHub 声明是配置变更意外导致中国未登陆用户无法访问网站,有问题的配置变更已经撤销,持续时间从 2025 年 4 月 12 日 20:01 (UTC) 到 2025 年 4 月 13 日 14:55 (UTC)截至。

CVE-2006-3990 | Mosets Tree Savant2_Plugin_form.php mosConfig_absolute_path privileges management (XFDB-27906 / BID-19151)

Vuldb Updates
9 months 4 weeks ago
A vulnerability was found in Mosets Tree. It has been rated as critical. This issue affects some unknown processing of the file Savant2_Plugin_form.php. The manipulation of the argument mosConfig_absolute_path leads to improper privilege management. The identification of this vulnerability is CVE-2006-3990. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2006-3990 | Mosets Tree Savant2_Plugin_editor.php mosConfig_absolute_path privileges management (XFDB-27906 / BID-19151)

Vuldb Updates
9 months 4 weeks ago
A vulnerability was found in Mosets Tree. It has been declared as critical. This vulnerability affects unknown code of the file Savant2_Plugin_editor.php. The manipulation of the argument mosConfig_absolute_path leads to improper privilege management. This vulnerability was named CVE-2006-3990. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

德国 UBI 实验未发现参与者会停止工作

Solidot
9 months 4 weeks ago
德国 UBI(无条件基本收入)实验未发现参与者会停止工作。这项实验由柏林非营利组织 Mein Grundeinkommen(我的基本收入)发起,122 名参与者在三年内每个月获得 1200 欧元的无条件资助,他们可以随意使用,唯一的条件是必须每六个月汇报一次他们生活各个方面的情况,包括财务状况、工作模式、心理健康和社会参与度。参与者年龄在 21-40 岁,独居且月收入在 1100-2600 欧元之间。批评人士认为,无条件基本收入会降低工作意愿。但 Grundeinkommen 的研究表明,实际情况并非如此。参与者平均每周工作 40 小时,他们一直工作,与未获得资助的对照组情况相同。与对照组不同的是,获得 UBI 的人更可能换工作或深造,他们对工作生涯更满意,感觉生活更有价值且更有意义,心理健康也有明显改善。

CVE-2009-1612 | BaoFeng Storm 2.7.9 8 up to 3.9.4 17 ActiveX Control mps.dll memory corruption (EDB-8579 / ID 121535)

Vuldb Updates
9 months 4 weeks ago
A vulnerability has been found in BaoFeng Storm 2.7.9 8 up to 3.9.4 17 and classified as very critical. Affected by this vulnerability is an unknown functionality in the library mps.dll of the component ActiveX Control. The manipulation leads to memory corruption. This vulnerability is known as CVE-2009-1612. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad