Aggregator

A vulnerability was found in Monero up to 0.18.3.4. It has been classified as critical. This affects an unknown part. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2025-26819. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Brocade Fabric OS 9.2.0 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is handled as CVE-2024-5462. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Maps Plugin using Google Maps for WordPress up to 1.9.3 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-13306. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Maps Plugin using Google Maps for WordPress up to 1.9.3 on WordPress. Affected is an unknown function of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-13208. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Brocade Fabric OS. This issue affects some unknown processing of the file system.sh of the component Management Protocol. The manipulation leads to command injection. The identification of this vulnerability is CVE-2024-5461. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in oliverpos Oliver POS Plugin up to 2.4.2.3 on WordPress. This vulnerability affects unknown code of the component Logging. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-13513. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in jsonpath-plus up to 10.2.x. This affects an unknown part. The manipulation leads to code injection. This vulnerability is uniquely identified as CVE-2025-1302. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

又过了一年, 终于能做出高级题了, 也马上就要中考了...... 嗯......顺带发现还有一种答案 (同样提示Correct但交上去不认可...... 后来证实是题目设计不足) 文中也将写到。

A website launched by Elon Musk’s Department of Government Efficiency (DOGE) has been found to have a significant security vulnerability, allowing unauthorized users to directly modify its content. The vulnerability discovered by two web development experts arises from the website’s use of an unsecured external database. This allowed anyone aware of the vulnerability to post […]

The post Elon Musk’s DOGE Website Database Vulnerability Let Anyone Make Entries Directly appeared first on Cyber Security News.

Once a conversation starts and a personal connection is established, scammers behind a screen can lure their targets into video call scams utilizing high-quality deepfake technology

The post Law Enforcement Can’t Save You From Romance Scams  appeared first on Security Boulevard.

Sluggish Sales Growth and Lower Relevance in Endpoint Could Make Trend Attractive
Endpoint security vendors are changing up their ownership or business models as Microsoft and CrowdStrike increasingly blot out the sun in this rapidly consolidating market. Reuters said that Advent International, Bain Capital, EQT AB and KKR have expressed interest in taking Trend Micro private.

Lawsuit Alleges Insurer Used AI Tool in Denying Patients Medically Necessary Care
A proposed class action lawsuit against UnitedHealth Group, which claims the company's insurance unit UnitedHealthcare used artificial intelligence tools to deny Medicare Advantage claims for medically necessary care, has the green light to proceed from a federal judge.

A vulnerability has been found in TheInnovs ElementsCSS Addons for Elementor Plugin up to 1.0.8.7 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-22321. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in 5centsCDN Plugin up to 24.8.16 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-22326. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Andon Ivanov OZ Canonical Plugin up to 0.5 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-22324. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Powerfusion WPAchievements Free Plugin up to 1.2.0 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-22362. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Olaf Lederer EO4WP Plugin up to 1.0.7 on WordPress. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-22327. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Balcom-Vetillo Design BVD Easy Gallery Manager Plugin up to 1.0.6 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-22353. It is possible to launch the attack remotely. There is no exploit available.