Aggregator

Submit #615021 / VDB-316253

A vulnerability classified as critical has been found in D-Link DIR-818LW up to 20191215. This affects an unknown part of the component System Time Page. The manipulation of the argument NTP Server leads to os command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is uniquely identified as CVE-2025-7553. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #614901 / VDB-316252

Submit #614928 / VDB-316251

A vulnerability was found in ProFTPD up to 1.2.9 and classified as problematic. Affected by this issue is some unknown functionality of the component ACL CIDR Address Handler. The manipulation leads to improper privilege management. This vulnerability is handled as CVE-2004-0432. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in South River Technologies Titan FTP Server up to 3.0. Affected is an unknown function of the component Disconnect Handler. The manipulation leads to denial of service. This vulnerability is traded as CVE-2004-0437. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in BEA WebLogic Server up to 8.1 SP2. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2004-0471. Attacking locally is a requirement. Furthermore, there is an exploit available.

A vulnerability was found in BEA WebLogic Server up to 8.1 SP2. It has been declared as critical. This vulnerability affects the function SecurityRoleAssignmentMBean.toXML of the component Access Restriction. The manipulation leads to improper privilege management. This vulnerability was named CVE-2004-0470. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Sun MySQL up to 4.0.20. It has been classified as problematic. Affected is an unknown function. The manipulation leads to symlink following. This vulnerability is traded as CVE-2004-0457. The attack needs to be approached within the local network. Furthermore, there is an exploit available. It is recommended to disable the affected component.

A vulnerability classified as critical was found in Opera Web Browser up to 7.49. Affected by this vulnerability is an unknown functionality of the component Argument Handler. The manipulation leads to improper privilege management. This vulnerability is known as CVE-2004-0473. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apache HTTP Server 1.3.x/2.0.x. It has been declared as critical. Affected by this vulnerability is the function ssl_util_uuencode_binary of the component mod_ssl. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2004-0488. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Symantec Norton AntiVirus 2004. Affected by this issue is some unknown functionality of the component ActiveX Control. The manipulation leads to denial of service. This vulnerability is handled as CVE-2004-0487. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM Lotus Domino 5.0.12/6.5.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component URI Handler. The manipulation leads to basic cross site scripting. This vulnerability is known as CVE-2004-0480. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Apache HTTP Server up to 2.0.50. It has been declared as problematic. This vulnerability affects unknown code of the component mod_ssl. The manipulation leads to memory corruption. This vulnerability was named CVE-2004-0488. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Squid Proxy 2.5 Stable/3 Pre and classified as critical. Affected by this issue is some unknown functionality of the component NTLM Authentication Helper. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2004-0541. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Squid Proxy 2.5 Stable/3 Pre and classified as problematic. Affected by this vulnerability is the function ntlm_fetch_string of the component NTLM Authentication. The manipulation leads to denial of service. This vulnerability is known as CVE-2004-0541. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Currently trending CVE - Hype Score: 18 - Win32k Elevation of Privilege Vulnerability

Trendyol’s application security team uncovered a series of bypasses that render Meta’s Llama Firewall protections unreliable against sophisticated prompt injection attacks. The findings raise fresh concerns about the readiness of existing LLM security measures and underscore the urgent need for more robust defenses as enterprises increasingly embed large language models into their workflows. During the […]

The post Meta’s Llama Firewall Bypassed Using Prompt Injection Vulnerability appeared first on Cyber Security News.

A vulnerability was found in Dromara Northstar up to 7.3.5. It has been rated as critical. Affected by this issue is the function preHandle of the file northstar-main/src/main/java/org/dromara/northstar/web/interceptor/AuthorizationInterceptor.java of the component Path Handler. The manipulation of the argument Request leads to improper access controls. This vulnerability is handled as CVE-2025-7552. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Лечиться препаратами с Земли — как пить кофе из микроволновки. Уже можно лучше.