Aggregator

A vulnerability labeled as critical has been found in Biosig libbiosig 3.9.0. Affected by this vulnerability is an unknown functionality of the file biosig.c of the component MFER Parser. Executing manipulation can lead to stack-based buffer overflow. This vulnerability is registered as CVE-2025-54486. It is possible to launch the attack remotely. No exploit is available.

A sophisticated Android malware campaign has resurfaced, exploiting deceptive websites that perfectly mimic legitimate Google Play Store application pages to distribute the notorious SpyNote Remote Access Trojan (RAT). This malicious operation targets unsuspecting users by creating static HTML clones of popular Android application install pages, complete with copied CSS styling and JavaScript functionality designed to […]

The post Beware of Website Mimicking Google Play Store Pages to Deliver Android Malware appeared first on Cyber Security News.

A vulnerability identified as critical has been detected in SAIL Image Decoding Library 0.9.8. Affected is an unknown function of the component PSD Image Decoder. Performing manipulation results in integer overflow to buffer overflow. This vulnerability is cataloged as CVE-2025-53510. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability categorized as critical has been discovered in SAIL Image Decoding Library 0.9.8. This impacts an unknown function of the component PSD RLE Decoder. Such manipulation leads to heap-based buffer overflow. This vulnerability is listed as CVE-2025-53085. The attack may be performed from a remote location. There is no available exploit.

A vulnerability was found in SAIL Image Decoding Library 0.9.8. It has been rated as critical. This affects an unknown function of the component BMPv3 RLE Decoder. This manipulation causes integer overflow to buffer overflow. This vulnerability is tracked as CVE-2025-52930. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in SAIL Image Decoding Library 0.9.8. It has been declared as critical. The impacted element is an unknown function of the component WebP Image Decoder. The manipulation results in integer overflow to buffer overflow. This vulnerability is identified as CVE-2025-52456. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in SAIL Image Decoding Library 0.9.8. It has been classified as critical. The affected element is an unknown function of the component PCX Image Decoder. The manipulation leads to heap-based buffer overflow. This vulnerability is referenced as CVE-2025-50129. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in SAIL Image Decoding Library 0.9.8 and classified as critical. Impacted is an unknown function of the component BMPv3 Palette Decoder. Executing manipulation can lead to integer overflow to buffer overflow. The identification of this vulnerability is CVE-2025-46407. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in SAIL Image Decoding Library 0.9.8 and classified as critical. This issue affects some unknown processing of the component PCX Image Decoder. Performing manipulation results in heap-based buffer overflow. This vulnerability was named CVE-2025-35984. The attack may be initiated remotely. There is no available exploit.

A vulnerability, which was classified as critical, was found in Biosig libbiosig 3.9.0. This vulnerability affects unknown code of the file biosig.c of the component MFER Parser. Such manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-54485. The attack can be launched remotely. No exploit exists.

A vulnerability, which was classified as critical, has been found in Biosig libbiosig 3.9.0. This affects an unknown part of the file biosig.c of the component MFER Parser. This manipulation causes stack-based buffer overflow. This vulnerability is handled as CVE-2025-54484. The attack can be initiated remotely. There is not any exploit available.

A vulnerability classified as critical was found in Biosig libbiosig 3.9.0. Affected by this issue is some unknown functionality of the file biosig.c of the component MFER Parser. The manipulation results in stack-based buffer overflow. This vulnerability is known as CVE-2025-54483. It is possible to launch the attack remotely. No exploit is available.

A vulnerability classified as critical has been found in Biosig libbiosig 3.9.0. Affected by this vulnerability is an unknown functionality of the file biosig.c of the component MFER Parser. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-54482. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability described as critical has been identified in Biosig libbiosig 3.9.0. Affected is an unknown function of the file biosig.c of the component MFER Parser. Executing manipulation can lead to stack-based buffer overflow. This vulnerability appears as CVE-2025-54481. The attack may be performed from a remote location. There is no available exploit.

То, что казалось формальностью, стало мастер-ключом ко взлому.

A vulnerability marked as critical has been reported in SAIL Image Decoding Library 0.9.8. This impacts an unknown function of the component BMPv3 Image Decoder. Performing manipulation results in integer overflow to buffer overflow. This vulnerability is reported as CVE-2025-32468. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability labeled as critical has been found in PHPOffice PhpSpreadsheet up to 1.29.x/2.1.11/2.3.x/3.9.x/4.x. This affects the function setPath of the component HTML Document Handler. Such manipulation leads to server-side request forgery. This vulnerability is documented as CVE-2025-54370. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

通过构造恶意稀疏型HLL与正常密集型HLL执行合并操作，触发Redis在HLL合并过程中导致的整数上溢漏洞，**造成受限地址写**（覆盖`int`负数范围的`3/4`）。 预先构造包含三个`0x3800`字节sds对象（`sdsa/sdsb/sdsc`）及合并后密集型HLL数据的堆布局，利用受限地址写修改sdsb头部类型标识符（`SDSHDR16`的`0x02`改为`SDSHDR64`的`0x04

Submit #634316 / VDB-317779

A vulnerability identified as problematic has been detected in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure. This vulnerability is registered as CVE-2025-9461. Remote exploitation of the attack is possible. Furthermore, an exploit is available.