Aggregator

CVE-2025-29425 | code-projects Online Class and Exam Scheduling System 1.0 exam_save.php member/first sql injection

VulDB Recent Entries
9 months ago
A vulnerability classified as critical has been found in code-projects Online Class and Exam Scheduling System 1.0. Affected is an unknown function of the file exam_save.php. The manipulation of the argument member/first leads to sql injection. This vulnerability is traded as CVE-2025-29425. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com

CVE-2025-29781 | metal3-io baremetal-operator up to 0.8.0/0.9.0 information disclosure (GHSA-c98h-7hp9-v9hq)

VulDB Recent Entries
9 months ago
A vulnerability was found in metal3-io baremetal-operator up to 0.8.0/0.9.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2025-29781. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-29912 | NASA CryptoLib up to 1.3.3 Crypto_TC_ProcessSecurity fl heap-based overflow (GHSA-3f5x-r59x-p8cf)

VulDB Recent Entries
9 months ago
A vulnerability was found in NASA CryptoLib up to 1.3.3. It has been declared as very critical. This vulnerability affects the function Crypto_TC_ProcessSecurity. The manipulation of the argument fl leads to heap-based buffer overflow. This vulnerability was named CVE-2025-29912. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2024-8510 | N-able N-central 2023.4/2023.6/2024.2/2024.3 Apache Tomcat WEB-INF Directory path traversal

VulDB Recent Entries
9 months ago
A vulnerability was found in N-able N-central 2023.4/2023.6/2024.2/2024.3. It has been classified as critical. This affects an unknown part of the component Apache Tomcat WEB-INF Directory. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2024-8510. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

How financial institutions can minimize their attack surface

Help Net Security
9 months ago

In this Help Net Security interview, Sunil Mallik, CISO of Discover Financial Services, discusses cybersecurity threats for financial institutions. He also shares insights on balancing compliance with agility, lessons from regulatory audits, and Discover’s approach to risk management and workforce development. What are the most pressing security threats facing credit card and digital banking platforms, and how should organizations adapt defenses to counter them? The most pressing security threats facing credit card companies and digital … More →

The post How financial institutions can minimize their attack surface appeared first on Help Net Security.

Mirko Zorz

Managed ad