Aggregator

CVE-2025-27234 | Zabbix Agent 2 smartctl Plugin up to 5.0.46 Parameter smart.disk.get os command injection (EUVD-2025-29036 / Nessus ID 264710)

Vuldb Updates
21 hours 13 minutes ago
A vulnerability, which was classified as critical, has been found in Zabbix Agent 2 smartctl Plugin up to 5.0.46. This affects an unknown part of the file smart.disk.get of the component Parameter Handler. The manipulation leads to os command injection. This vulnerability is referenced as CVE-2025-27234. The attack needs to be initiated within the local network. No exploit is available.
vuldb.com

CVE-2025-27240 | Zabbix up to 6.0.33/6.4.18/7.0.3 Visible name sql injection (EUVD-2025-29033 / Nessus ID 264711)

Vuldb Updates
21 hours 13 minutes ago
A vulnerability was found in Zabbix up to 6.0.33/6.4.18/7.0.3. It has been classified as critical. The affected element is an unknown function. Performing manipulation of the argument Visible name results in sql injection. This vulnerability is cataloged as CVE-2025-27240. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2012-2206 | IBM WebSphere MQ 7.0.3/7.0.4 access control (ID 1607481 / EDB-20478)

Vuldb Updates
21 hours 52 minutes ago
A vulnerability categorized as problematic has been discovered in IBM WebSphere MQ 7.0.3/7.0.4. Affected is an unknown function. Such manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2012-2206. The attack can be launched remotely. Moreover, an exploit is present. It is advisable to implement a patch to correct this issue.
vuldb.com

CVE-2012-2171 | IBM Ds4100 1724 ModuleServlet.do selectedModuleOnly sql injection (EDB-19321 / XFDB-75236)

Vuldb Updates
21 hours 52 minutes ago
A vulnerability marked as critical has been reported in IBM Ds4100 1724. The impacted element is an unknown function of the file ModuleServlet.do. The manipulation of the argument selectedModuleOnly leads to sql injection. This vulnerability is traded as CVE-2012-2171. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2012-3294 | IBM WebSphere MQ 7.0.3/7.0.4/7.5 cross-site request forgery (ID 1607482 / EDB-20477)

Vuldb Updates
21 hours 52 minutes ago
A vulnerability identified as problematic has been detected in IBM WebSphere MQ 7.0.3/7.0.4/7.5. Affected by this vulnerability is an unknown functionality. Performing manipulation results in cross-site request forgery. This vulnerability was named CVE-2012-3294. The attack may be initiated remotely. In addition, an exploit is available. Applying a patch is the recommended action to fix this issue.
vuldb.com

Qilin

Dark Feed IO
22 hours 3 minutes ago

You must login to view this content

cohenido

Lynx

Dark Feed IO
22 hours 5 minutes ago

You must login to view this content

cohenido

Achieve Independence in NHI and Secrets Management

Security Boulevard
22 hours 7 minutes ago

Why should NHI and Secrets Management Matter to Businesses? How often do businesses rethink their cybersecurity strategy to ensure it is all-inclusive and fool-proof? A comprehensive data protection plan cannot overlook the need for Non-Human Identities (NHIs) and Secrets Management. Regrettably, this crucial aspect is often overlooked, leading to severe loopholes in a company’s data […]

The post Achieve Independence in NHI and Secrets Management appeared first on Entro.

The post Achieve Independence in NHI and Secrets Management appeared first on Security Boulevard.

Alison Mack

Relax With Advanced Non-Human Identity Protections

Security Boulevard
22 hours 7 minutes ago

Are Your Cloud Operations Truly Secure? Let’s face it: Companies are leveraging diverse technologies to stay competitive and efficient. Essentially, many operations are migrating to the cloud to facilitate seamless business processes. But as we embrace this technological evolution, one question becomes critical: “Is your cloud secure?” Moreover, can you relax knowing your sensitive data […]

The post Relax With Advanced Non-Human Identity Protections appeared first on Entro.

The post Relax With Advanced Non-Human Identity Protections appeared first on Security Boulevard.

Alison Mack

CVE-2025-30359 | webpack-dev-server up to 5.2.0 routine (GHSA-4v9v-hfq4-rm2v / Nessus ID 264715)

Vuldb Updates
22 hours 8 minutes ago
A vulnerability was found in webpack-dev-server up to 5.2.0. It has been classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to exposed dangerous routine. This vulnerability is referenced as CVE-2025-30359. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-32996 | chimurai http-proxy-middleware up to 2.0.7/3.0.3 writeBody control flow (EUVD-2025-11356 / Nessus ID 264713)

Vuldb Updates
22 hours 8 minutes ago
A vulnerability labeled as problematic has been found in chimurai http-proxy-middleware up to 2.0.7/3.0.3. This vulnerability affects the function writeBody. The manipulation results in incorrect control flow. This vulnerability is reported as CVE-2025-32996. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.
vuldb.com

CVE-2025-32997 | chimurai http-proxy-middleware up to 2.0.8/3.0.4 fixRequestBody unusual condition (EUVD-2025-11355 / Nessus ID 264714)

Vuldb Updates
22 hours 8 minutes ago
A vulnerability marked as problematic has been reported in chimurai http-proxy-middleware up to 2.0.8/3.0.4. This issue affects the function fixRequestBody. This manipulation causes improper check for unusual conditions. This vulnerability appears as CVE-2025-32997. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

CVE-2018-14732 | webpack-dev-server up to 3.1.5 WebSocket Server lib/Server.js Request input validation (Nessus ID 264716)

Vuldb Updates
22 hours 8 minutes ago
A vulnerability described as critical has been identified in webpack-dev-server up to 3.1.5. Impacted is an unknown function in the library lib/Server.js of the component WebSocket Server. Executing manipulation as part of Request can lead to improper input validation. This vulnerability is registered as CVE-2018-14732. It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-30360 | webpack-dev-server up to 5.2.0 origin validation (GHSA-9jgg-88mc-972h / Nessus ID 264716)

Vuldb Updates
22 hours 8 minutes ago
A vulnerability was found in webpack-dev-server up to 5.2.0. It has been rated as problematic. This vulnerability affects unknown code. This manipulation causes origin validation error. This vulnerability is tracked as CVE-2025-30360. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.
vuldb.com

Managed ad