Aggregator

A vulnerability described as critical has been identified in Microsoft IIS 4.0. This affects an unknown part of the component File Handler. Such manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-1999-0777. The attack can be launched remotely. No exploit exists. It is advisable to implement a patch to correct this issue.

A vulnerability, which was classified as problematic, has been found in IBM AIX 4.1.5/4.2.1. Impacted is an unknown function of the component named-xfer. The manipulation of the argument -f leads to improper privilege management. This vulnerability is referenced as CVE-1999-1013. The attack can only be performed from a local environment. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability was found in KVIrc IRC Client 0.9.0 and classified as problematic. This affects an unknown function of the component Listen Request Option. Such manipulation as part of DCC GET Request leads to path traversal. This vulnerability is listed as CVE-1999-1351. The attack may be performed from remote. There is no available exploit.

A vulnerability was found in Knox Software Arkeia 4.0/4.1. It has been rated as problematic. Affected by this vulnerability is an unknown functionality of the component nlserverd. The manipulation leads to denial of service. This vulnerability is documented as CVE-1999-0788. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability categorized as critical has been discovered in Mutt. Affected by this issue is some unknown functionality of the component MIME Message Handler. The manipulation results in memory corruption. This vulnerability is reported as CVE-1999-0940. The attack can be launched remotely. No exploit exists. It is advisable to upgrade the affected component.

Как Payouts King прячет инструменты в виртуальной машине внутри заражённой системы.

A vulnerability identified as problematic has been detected in ComfyUI up to 0.13.0. Affected by this issue is some unknown functionality of the file server.py of the component View Endpoint. Performing a manipulation results in cross site scripting. This vulnerability is reported as CVE-2026-6593. The attack is possible to be carried out remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability categorized as problematic has been discovered in ComfyUI up to 0.13.0. Affected by this vulnerability is the function getuserdata of the file app/user_manager.py of the component userdata Endpoint. Such manipulation leads to cross site scripting. This vulnerability is documented as CVE-2026-6592. The attack can be executed remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in ComfyUI up to 0.13.0. It has been rated as critical. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage Node. This manipulation of the argument Name causes path traversal. This vulnerability is registered as CVE-2026-6591. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in ComfyUI up to 0.13.0. It has been declared as critical. This impacts the function get_model_preview of the file app/model_manager.py of the component Model Preview Endpoint. The manipulation results in path traversal. This vulnerability is cataloged as CVE-2026-6590. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in ComfyUI up to 0.13.0. It has been classified as problematic. This affects the function create_origin_only_middleware of the file server.py. The manipulation leads to cross-site request forgery. This vulnerability is listed as CVE-2026-6589. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #791114 / VDB-358228

Submit #791113 / VDB-358227

Submit #791112 / VDB-358226

Submit #791109 / VDB-358225

Submit #791108 / VDB-358224

In her new book, Code War: How Nations Hack, Spy, and Shape the Digital Battlefield, Allie Mellen provides true stories of the current cyber war and, importantly, what might be ahead.

The post A History of Global Hacking — and Where It’s Going Next appeared first on Security Boulevard.

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware Nexcorium Mirai variant […]

A vulnerability was found in Vixie Cron 3.0 Pl1 and classified as problematic. The impacted element is an unknown function of the component Crontab File Handler. The manipulation of the argument MAILTO as part of Environment Variable results in memory corruption. This vulnerability is reported as CVE-1999-0872. The attack requires a local approach. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in Microsoft Internet Explorer 5.0. It has been classified as problematic. This affects an unknown function of the component URL History Handler. This manipulation causes information disclosure. This vulnerability appears as CVE-1999-1235. The attack requires local access. In addition, an exploit is available. Upgrading the affected component is recommended.