Aggregator

How New AI Agents Will Transform Credential Stuffing Attacks

The Hackers News
9 months 1 week ago
Credential stuffing attacks had a huge impact in 2024, fueled by a vicious circle of infostealer infections and data breaches. But things could be about to get worse still with Computer-Using Agents, a new kind of AI agent that enables low-cost, low-effort automation of common web tasks — including those frequently performed by attackers. Stolen credentials: The cyber criminal’s weapon of choice
The Hacker News

CISA Warns of Active Exploitation of Microsoft Windows Win32k Vulnerability

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
9 months 1 week ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2018-8639, a decade-old Microsoft Windows privilege escalation flaw, to its Known Exploited Vulnerabilities (KEV) catalog amid confirmed active attacks. First patched by Microsoft in December 2018, this Win32k kernel-mode driver vulnerability enables authenticated local attackers to execute arbitrary code with SYSTEM privileges, granting unfettered control over […]

The post CISA Warns of Active Exploitation of Microsoft Windows Win32k Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2025-1695 | F5 NGINX Unit up to 1.34.1 Java Language Module infinite loop (K000149959)

Vuldb Updates
9 months 1 week ago
A vulnerability, which was classified as problematic, was found in F5 NGINX Unit up to 1.34.1. Affected is an unknown function of the component Java Language Module. The manipulation leads to infinite loop. This vulnerability is traded as CVE-2025-1695. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-1893 | Open5GS up to 2.7.2 UDM Subscriber Data Management src/amf/gmm-sm.c gmm_state_authentication denial of service (Issue 3707)

Vuldb Updates
9 months 1 week ago
A vulnerability was found in Open5GS up to 2.7.2. It has been declared as problematic. Affected by this vulnerability is the function gmm_state_authentication of the file src/amf/gmm-sm.c of the component UDM Subscriber Data Management. The manipulation leads to denial of service. This vulnerability is known as CVE-2025-1893. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2025-1894 | PHPGurukul Restaurant Table Booking System 1.0 /search-result.php searchdata sql injection

Vuldb Updates
9 months 1 week ago
A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search-result.php. The manipulation of the argument searchdata leads to sql injection. This vulnerability is handled as CVE-2025-1894. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-1895 | Tenda TX3 16.03.13.11_multi /goform/setMacFilterCfg deviceList buffer overflow

Vuldb Updates
9 months 1 week ago
A vulnerability classified as critical has been found in Tenda TX3 16.03.13.11_multi. This affects an unknown part of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-1895. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-1897 | Tenda TX3 16.03.13.11_multi SetNetControlList list buffer overflow

Vuldb Updates
9 months 1 week ago
A vulnerability, which was classified as critical, has been found in Tenda TX3 16.03.13.11_multi. This issue affects some unknown processing of the file /goform/SetNetControlList. The manipulation of the argument list leads to buffer overflow. The identification of this vulnerability is CVE-2025-1897. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-1898 | Tenda TX3 16.03.13.11_multi /goform/openSchedWifi schedStartTime/schedEndTime buffer overflow

Vuldb Updates
9 months 1 week ago
A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. This vulnerability is traded as CVE-2025-1898. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-1899 | Tenda TX3 16.03.13.11_multi /goform/setPptpUserList list buffer overflow

Vuldb Updates
9 months 1 week ago
A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. This vulnerability is known as CVE-2025-1899. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad