Aggregator

CVE-2025-59052 | Angular up to 18.2.13/18.2.20/19.2.14/19.2.15/20.2.x JavaScript getPlatform race condition (GHSA-68x2-mx4q-78m7)

VulDB Recent Entries
9 months 1 week ago
A vulnerability, which was classified as critical, was found in Angular up to 18.2.13/18.2.20/19.2.14/19.2.15/20.2.x. This affects the function getPlatform of the component JavaScript Module. The manipulation results in race condition. This vulnerability is identified as CVE-2025-59052. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.
vuldb.com

CVE-2025-6088 | danny-avila librechat 0.7.8 Conversation improper authorization

VulDB Recent Entries
9 months 1 week ago
A vulnerability classified as critical was found in danny-avila librechat 0.7.8. Affected by this vulnerability is an unknown functionality of the component Conversation Handler. Executing manipulation can lead to improper authorization. The identification of this vulnerability is CVE-2025-6088. The attack may be launched remotely. There is no exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2025-54376 | SpectoLabs hoverfly up to 1.11.x WebSocket Endpoint /api/v2/ws/logs information disclosure (GHSA-jxmr-2h4q-rhxp)

VulDB Recent Entries
9 months 1 week ago
A vulnerability classified as problematic has been found in SpectoLabs hoverfly up to 1.11.x. Affected is an unknown function of the file /api/v2/ws/logs of the component WebSocket Endpoint. Performing manipulation results in information disclosure. This vulnerability was named CVE-2025-54376. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-47120 | IBM Security Verify Information Queue 10.0.5/10.0.6/10.0.7/10.0.8 unnecessary privileges

VulDB Recent Entries
9 months 1 week ago
A vulnerability described as critical has been identified in IBM Security Verify Information Queue 10.0.5/10.0.6/10.0.7/10.0.8. This impacts an unknown function. Such manipulation leads to execution with unnecessary privileges. This vulnerability is uniquely identified as CVE-2024-47120. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2024-45671 | IBM Security Verify Information Queue 10.0.5/10.0.6/10.0.7/10.0.8 risky encryption

VulDB Recent Entries
9 months 1 week ago
A vulnerability marked as problematic has been reported in IBM Security Verify Information Queue 10.0.5/10.0.6/10.0.7/10.0.8. This affects an unknown function. This manipulation causes risky cryptographic algorithm. This vulnerability is handled as CVE-2024-45671. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2024-45669 | IBM Security Verify Information Queue 10.0.5/10.0.6/10.0.7/10.0.8 allocation of resources

VulDB Recent Entries
9 months 1 week ago
A vulnerability labeled as critical has been found in IBM Security Verify Information Queue 10.0.5/10.0.6/10.0.7/10.0.8. The impacted element is an unknown function. The manipulation results in allocation of resources. This vulnerability is known as CVE-2024-45669. It is possible to launch the attack remotely. No exploit is available. The affected component should be upgraded.
vuldb.com

CVE-2025-10200 | Google Chrome up to 140.0.7339.80 Serviceworker use after free (ID 440454)

VulDB Recent Entries
9 months 1 week ago
A vulnerability identified as critical has been detected in Google Chrome. The affected element is an unknown function of the component Serviceworker. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-10200. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.
vuldb.com

The state of DMARC adoption: What 10M domains reveal

Help Net Security
9 months 1 week ago

In this Help Net Security video, John Wilson, Senior Fellow, Threat Research at Fortra, explores the state of DMARC adoption across the top 10 million internet domains. He explains how SPF, DKIM, and DMARC work together to prevent email spoofing, why misconfigurations like “+all” can be dangerous, and why so few organizations have strong DMARC policies in place even though the standard has been around since 2012. Wilson shares surprising statistics from his research, highlights … More →

The post The state of DMARC adoption: What 10M domains reveal appeared first on Help Net Security.

Help Net Security

Managed ad