Aggregator

CVE-2022-35045 | OTFCC 617837b otfccdump+0x6b0d63 heap-based overflow (EUVD-2022-37943)

Vuldb Updates
2 days 19 hours ago
A vulnerability identified as critical has been detected in OTFCC 617837b. Affected by this issue is some unknown functionality of the file /release-x64/otfccdump+0x6b0d63. Performing a manipulation results in heap-based buffer overflow. This vulnerability is cataloged as CVE-2022-35045. The attack must originate from the local network. There is no exploit available.
vuldb.com

Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack

Help Net Security
2 days 20 hours ago

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: DockSec: Open-source AI-powered Docker security scanner DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the Python tool runs Trivy, Hadolint, and Docker Scout against a developer’s Dockerfile and image, correlates the findings, returns a 0-100 security score, and proposes line-specific fixes. Treating AI agents … More →

The post Week in review: Exploited Check Point VPN zero-day, Oracle PeopleSoft servers under attack appeared first on Help Net Security.

Anamarija Pogorelec

Anthropic Suspends Advanced Security Models Amid National Security Mandate

Penetration Testing Tools - Metepreter.org
2 days 20 hours ago

An Unprecedented Emergency Intervention Anthropic has long advocated for rigorous artificial intelligence safety protocols and government oversight. Earlier today, the prominent AI startup unexpectedly announced a complete suspension of access to its newly unveiled...

The post Anthropic Suspends Advanced Security Models Amid National Security Mandate appeared first on Information Security News.

ddos

SLH

Dark Feed IO
2 days 20 hours ago

You must login to view this content

cohenido

Paramount Warner Bros Merger: A New Media Empire

Penetration Testing Tools - Metepreter.org
2 days 20 hours ago

Following months of intense scrutiny, the U.S. Department of Justice formally approved Paramount Skydance’s monumental acquisition of Warner Bros. Discovery. Consequently, this landmark transaction drastically diminishes mainstream media competition. Furthermore, it heralds a watershed...

The post Paramount Warner Bros Merger: A New Media Empire appeared first on Information Security News.

ddos

CVE-2026-12198 | Microweber up to 2.0.20 API Endpoint thumbnail_img userfiles_path cache_path_relative path traversal (Issue 1172)

VulDB Recent Entries
2 days 20 hours ago
A vulnerability categorized as critical has been discovered in Microweber up to 2.0.20. This affects the function userfiles_path of the file /api_nosession/thumbnail_img of the component API Endpoint. Executing a manipulation of the argument cache_path_relative can lead to path traversal. This vulnerability is registered as CVE-2026-12198. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-12197 | Ruijie EG105G-P 2.340 JSON-RPC Diagnose Endpoint diagnose nslookup params.target command injection

VulDB Recent Entries
2 days 20 hours ago
A vulnerability was found in Ruijie EG105G-P 2.340. It has been rated as critical. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. This vulnerability is cataloged as CVE-2026-12197. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-12193 | VS Revo RevoUninstaller 2.5.x/2.6.x IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow

VulDB Recent Entries
2 days 21 hours ago
A vulnerability was found in VS Revo RevoUninstaller 2.5.x/2.6.x. It has been declared as critical. The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. This vulnerability is listed as CVE-2026-12193. The attack must be carried out locally. In addition, an exploit is available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad