Aggregator

A vulnerability was found in Microsoft Internet Explorer 6 SP2. It has been declared as critical. Affected by this vulnerability is the function onload window of the component JavaScript. The manipulation leads to improper resource management. This vulnerability is known as CVE-2005-1790. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to disable the affected component.

A vulnerability was found in Microsoft Internet Explorer 5.01. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2005-2831. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been rated as critical. Affected by this issue is some unknown functionality of the file form2WlAc.cgi of the component HTTP POST Request Handler. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2024-57678. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this vulnerability is an unknown functionality of the file form2RepeaterSetup.cgi of the component HTTP POST Request Handler. The manipulation leads to improper access controls. This vulnerability is known as CVE-2024-57679. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210 and classified as critical. Affected by this issue is some unknown functionality of the file form2PortriggerRule.cgi of the component HTTP POST Request Handler. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2024-57680. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been classified as critical. Affected is an unknown function of the file form2WlanBasicSetup.cgi of the component HTTP POST Request Handler. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-57676. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file form2Wan.cgi of the component HTTP POST Request Handler. The manipulation leads to improper access controls. This vulnerability is known as CVE-2024-57677. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in Floodlight 1.2. Affected by this vulnerability is an unknown functionality of the component Topology Manager Module/Linkdiscovery Module. The manipulation leads to denial of service. This vulnerability is known as CVE-2024-57673. The attack needs to be approached locally. There is no exploit available.

Currently trending CVE - Hype Score: 22 - A double free issue was addressed with improved memory management. This issue is fixed in iPadOS 17.7.7, macOS Ventura 13.7.6, macOS Sequoia 15.5, macOS Sonoma 14.7.6. An app may be able to cause unexpected system termination.

A vulnerability was found in Extreme Corporate Extreme Search up to 6.0. It has been rated as problematic. This issue affects some unknown processing of the file extremesearch.php. The manipulation of the argument Search leads to basic cross site scripting. The identification of this vulnerability is CVE-2005-3972. The attack may be initiated remotely. Furthermore, there is an exploit available.

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Ransomware Gangs Collapse as Qilin Seizes Control  Dissecting a Python Ransomware distributed through GitHub repositories  SparkKitty, SparkCat’s little brother: A new Trojan spy found in the App Store and Google Play   Uncovering a Tor-Enabled Docker Exploit  […]

A vulnerability has been found in code-projects Online Hotel Booking 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/registration.php. The manipulation of the argument uname leads to sql injection. This vulnerability was named CVE-2025-6917. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #606285 / VDB-314410

Submit #606223 / VDB-202981

Submit #606001 / VDB-298565

Submit #605893 / VDB-298566

Submit #605279 / VDB-202982

Submit #605278 / VDB-298563

A vulnerability was found in TOTOLINK T6 4.1.5cu.709_B20210518/4.1.5cu.748_B20211015 and classified as problematic. This issue affects some unknown processing of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The identification of this vulnerability is CVE-2022-38823. The attack may be initiated remotely. Furthermore, there is an exploit available.

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. The FBI warns that Scattered Spider is now targeting the airline sector LapDogs: China-nexus hackers Hijack […]