Aggregator

A vulnerability, which was classified as problematic, has been found in Bosscomm IF740 11001.7078/11001.0000. This issue affects some unknown processing. The manipulation leads to channel accessible by non-endpoint. The identification of this vulnerability is CVE-2025-25728. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Bosscomm IF740 11001.7078/11001.0000. Affected by this issue is some unknown functionality. The manipulation leads to missing encryption of sensitive data. This vulnerability is handled as CVE-2025-25727. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in eteubert Podlove Podcast Publisher Plugin up to 4.2.2 on WordPress. It has been rated as problematic. Affected by this issue is the function ajax_transcript_delete. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2025-1383. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in realmag777 HUSKY Plugin up to 1.3.6.5 on WordPress and classified as critical. Affected by this issue is the function woof_text_search. The manipulation of the argument template leads to path traversal. This vulnerability is handled as CVE-2025-1661. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in GL-iNet Beryl AX GL-MT3000 4.7.0. This vulnerability affects unknown code of the file /download of the component POST Request Handler. The manipulation of the argument path leads to information disclosure. This vulnerability was named CVE-2025-25684. The attack can only be done within the local network. There is no exploit available.

A vulnerability has been found in Fortinet FortiOS and FortiProxy and classified as critical. Affected by this vulnerability is an unknown functionality of the component CSF Proxy Request Handler. The manipulation leads to authentication bypass using alternate channel. This vulnerability is known as CVE-2025-24472. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

AI不会取代人类，而是作为渗透测试工程师的效能倍增器

AI不会取代人类，而是作为渗透测试工程师的效能倍增器

Why the key milestones for PQC migration are part of building and maintaining good cyber security practice.

NCSC Technical Director Dr Ian Levy explains the technical impact of the recent US sanctions on the security of Huawei equipment in the UK.

With 5G set to transform mobile services, Ian Levy explains how the UK has approached telecoms security, and what that means for the future.

五大赛区同频共振，“铁人三项”赛程过半。赛事全程高能，跟随镜头一起来看！

五大赛区同频共振，“铁人三项”赛程过半。赛事全程高能，跟随镜头一起来看！

五大赛区同频共振，“铁人三项”赛程过半。赛事全程高能，跟随镜头一起来看！

五大赛区同频共振，“铁人三项”赛程过半。赛事全程高能，跟随镜头一起来看！

五大赛区同频共振，“铁人三项”赛程过半。赛事全程高能，跟随镜头一起来看！

五大赛区同频共振，“铁人三项”赛程过半。赛事全程高能，跟随镜头一起来看！

Cyber security – even in a time of global unrest – remains a balance of different risks. Ian Levy, the NCSC's Technical Director, explains why.

NCSC Technical Director Dr Ian Levy explains how the security analysis behind the DCMS supply chain review will ensure the UK’s telecoms networks are secure – regardless of the vendors used.