Aggregator

A vulnerability was found in ROADCAM X3 App on Android. It has been classified as problematic. This affects an unknown part. The manipulation leads to hard-coded credentials. This vulnerability is uniquely identified as CVE-2025-30123. An attack has to be approached locally. There is no exploit available.

A vulnerability was found in ROADCAM X3 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to use of default credentials. This vulnerability is handled as CVE-2025-30122. The attack needs to be approached within the local network. There is no exploit available.

种种数据显示，人类的推理和问题解决能力可能在大约 2010 年初达到峰值，之后开始下降。这一时间段是智能手机和社交媒体开始席卷世界的时代。发达国家青少年和成年人的阅读、数学和科学测试成绩在下降，有多达四分之一的成年人在评估陈述时难以使用数学推理，而美国这一比例高达 35%。我们获取信息的方式发生了根本性转变，美国人的读书率降至了不到 50% ，自 2010 年代中期以来 18 岁年轻人难以思考和集中注意力。我们的数字习惯发生了变化：从有限制的网页转变为无限的信息流，从主动浏览转变为被动消费，从集中注意力转变为不断切换上下文。研究表明，有意识的使用数字技术能带来好处，但过去几年占主导的被动消费会损害语言处理、注意力、工作记忆和自我调节。

A vulnerability was found in IROAD Dash Cam X5 up to 20250203. It has been rated as problematic. This issue affects some unknown processing of the component SSID. The manipulation leads to use of default credentials. The identification of this vulnerability is CVE-2025-2341. The attack needs to be initiated within the local network. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. Our investigation indicates that a second CVE-2025-30106 was assigned to this entry.

A vulnerability, which was classified as very critical, was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. This affects an unknown part. The manipulation leads to improper authorization. This vulnerability is uniquely identified as CVE-2025-2345. It is possible to initiate the attack remotely. There is no exploit available. The vendor was contacted early about this disclosure but did not respond in any way. It looks like this entry got a duplicate CVE-2025-30107 assigned.

A vulnerability has been found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308 and classified as problematic. This vulnerability affects unknown code of the component Domain Handler. The manipulation of the argument Domain Name leads to origin validation error. This vulnerability was named CVE-2025-2346. The attack can be initiated remotely. There is no exploit available. It is recommended to apply restrictive firewalling. During the analysis of our data team we suspected a duplicate CVE assignment as CVE-2025-30132.

Wiz确认被谷歌收购！

Wiz确认被谷歌收购！

Wiz确认被谷歌收购！

Wiz确认被谷歌收购！

Wiz确认被谷歌收购！

Wiz确认被谷歌收购！

Wiz确认被谷歌收购！

Threat actors exploit a server-side request forgery (SSRF) flaw, tracked as CVE-2024-27564, in ChatGPT, to target US financial and government organizations. Cybersecurity firm Veriti reports that threat actors are exploiting a server-side request forgery (SSRF) vulnerability, tracked as CVE-2024-27564 (CVSS score of 6.5), in ChatGPT to target financial and government organizations in the US. The […]

A vulnerability classified as critical has been found in IROAD X5 Mobile App up to 5.2.5 on Android. Affected is an unknown function of the component API Endpoint. The manipulation leads to hard-coded credentials. This vulnerability is traded as CVE-2025-2342. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling. The vendor was contacted early about this disclosure but did not respond in any way. It looks like this entry got a duplicate CVE-2025-30109 assigned.

A vulnerability classified as critical was found in IROAD Dash Cam X5 and Dash Cam X6 up to 20250308. Affected by this vulnerability is an unknown functionality of the component Device Pairing. The manipulation leads to hard-coded credentials. This vulnerability is known as CVE-2025-2343. Access to the local network is required for this attack to succeed. There is no exploit available. The vendor was contacted early about this disclosure but did not respond in any way. During the analysis of our data team we suspected a duplicate CVE assignment as CVE-2025-30110.

Критическая уязвимость позволяет хакерам читать переписку компаний.

A vulnerability has been found in Vestel EVC04 Configuration Interface up to 18.03.2025 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to Sql injection. This vulnerability is known as CVE-2024-8997. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Fortinet FortiSOAR up to 7.4.5. Affected is an unknown function. The manipulation leads to code injection. This vulnerability is traded as CVE-2024-21760. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Forvia Hella HELLA Driving Recorder DR 820. This issue affects some unknown processing of the component SSID Handler. The manipulation leads to use of default credentials. The identification of this vulnerability is CVE-2025-30115. The attack needs to be initiated within the local network. There is no exploit available.