Aggregator
CVE-2025-36220 | IBM Cloud Pak for Data System up to 11.3.0.2 IF002 sql injection
CVE-2025-13755 | IBM DB2/DB2 Connect Server up to 11.5.9/12.1.4 log file
CVE-2026-9628 | UTT HiPER 1200GW up to 2.5.3-170306 Web Management Interface formPptpClientConfig PPTP server address/username/password/tunnel name stack-based overflow
CVE-2026-9627 | UTT HiPER 1200GW up to 2.5.3-170306 Web Management Interface /goform/setSysAdm strcpy sysAdmUser/sysAdmPass buffer overflow
Multiple Angular Language Service Extension Vulnerabilities Enable RCE Attacks
A set of high-severity vulnerabilities has been identified in the Angular Language Service Visual Studio Code extension (Angular.ng-template), potentially exposing developers to remote code execution (RCE) attacks through multiple exploitation paths. The vulnerabilities arise from insecure handling of user-controlled input and unsafe configuration loading within the extension. Researchers found that attackers can exploit trusted development […]
The post Multiple Angular Language Service Extension Vulnerabilities Enable RCE Attacks appeared first on Cyber Security News.
Windows Update decided to update the BIOS. HP owners got noise, freezes and blue screens
How Tier 1 Can Process Alerts 3x Faster with Threat Intelligence
You already know the feeling. The shift starts, and the queue is already full. Somewhere in that pile of hundreds of alerts is the one that actually matters — the lateral movement no one caught, the C2 beacon hiding behind a legitimate-looking domain, the first whisper of a ransomware chain. Your job is to find it before the window closes. That’s the weight Tier 1 carries […]
The post How Tier 1 Can Process Alerts 3x Faster with Threat Intelligence appeared first on Cyber Security News.
Submit #818380: UTT HiPER 1200GW <=v2.5.3-170306 Buffer Overflow [Accepted]
Submit #818374: UTT HiPER 1200GW v2.5.3-170306 Buffer Overflow [Accepted]
CVE-2026-9551 | Das Parking Management System 停车场管理系统 6.2.0 API Endpoint ExportParkingRecords xp_cmdshell Value sql injection (EUVD-2026-31827)
CVE-2026-45082 | karakeep-app karakeep up to 0.31.x HTTP server-side request forgery (GHSA-g647-327m-79g9 / EUVD-2026-31826)
CVE-2026-48685 | FastNetMon Community Edition up to 1.2.9/4.3 src/bgp_protocol.hpp parse_raw_bgp_attribute out-of-bounds (EUVD-2026-31841)
CVE-2025-66407 | weblate up to 5.14 Create cross-site request forgery (GHSA-hfpv-mc5v-p9mm / EUVD-2025-203462)
CVE-2026-48692 | FastNetMon Community Edition up to 1.2.9 gRPC API src/fastnetmon.cpp InsecureServerCredentials denial of service (EUVD-2026-31845)
CVE-2026-9582 | SourceCodester CET Automated Grading System with AI Predictive Analytics cross-site request forgery
CVE-2026-9603 | SourceCodester eDoc Doctor Appointment System 1.0 delete-session.php ID authorization
CVE-2026-9583 | SourceCodester CET Automated Grading System with AI Predictive Analytics SQL /index.php information exposure
Lithium to the dustbin of history. Scientists eliminated the weak point of magnesium batteries and made them run for 1300 hours
Akira