Aggregator

A vulnerability was found in Docker Desktop up to 4.44.2 on Windows. It has been classified as critical. This affects an unknown function of the component API. The manipulation leads to exposure of resource. This vulnerability is documented as CVE-2025-9074. The attack needs to be performed locally. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in Workhorse Software Services Municipal Accounting Software and classified as critical. The impacted element is an unknown function of the component Database Backup Handler. Executing manipulation can lead to improper authentication. This vulnerability is registered as CVE-2025-9040. The attack needs to be launched locally. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability has been found in Workhorse Software Services Municipal Accounting Software and classified as problematic. The affected element is an unknown function of the component MySQL Server Connection String Handler. Performing manipulation results in cleartext storage of sensitive information. This vulnerability is cataloged as CVE-2025-9037. The attack must be initiated from a local position. There is no exploit available. The affected component should be upgraded.

Восстановление научной работы может занять месяцы при самом оптимистичном сценарии.

A vulnerability, which was classified as problematic, was found in OpenSolution Quick.CMS.EXT 6.8. Impacted is an unknown function of the component Thumbnail Viewer. Such manipulation of the argument sFileName leads to cross site scripting. This vulnerability is listed as CVE-2025-54175. The attack may be performed from a remote location. There is no available exploit.

A vulnerability, which was classified as problematic, has been found in OpenSolution Quick.CMS 6.8. This issue affects some unknown processing. This manipulation causes cross-site request forgery. This vulnerability is tracked as CVE-2025-54174. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability classified as problematic was found in OpenSolution Quick.CMS 6.8. This vulnerability affects unknown code of the component Page Editor. The manipulation results in cross site scripting. This vulnerability is identified as CVE-2025-54172. The attack can be executed remotely. There is not any exploit available.

A vulnerability classified as problematic has been found in Liferay Portal and DXP. This affects an unknown part. The manipulation of the argument _com_liferay_users_admin_web_portlet_UsersAdminPortlet_assetTagNames leads to cross site scripting. This vulnerability is referenced as CVE-2025-43741. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability described as problematic has been identified in Liferay Portal and DXP. Affected by this issue is some unknown functionality of the component Web Contents Handler. Executing manipulation can lead to cross site scripting. The identification of this vulnerability is CVE-2025-43742. The attack may be launched remotely. There is no exploit available.

A vulnerability marked as problematic has been reported in Touch Lebanon Mobile App 2.20.2. Affected by this vulnerability is an unknown functionality of the component OTP Handler. Performing manipulation results in weak password recovery. This vulnerability was named CVE-2025-50503. The attack needs to be approached within the local network. There is no available exploit.

A vulnerability labeled as critical has been found in Tenda AC6 V02.03.01.110. Affected is an unknown function of the component HTTP Header Parser. Such manipulation leads to missing release of resource. This vulnerability is uniquely identified as CVE-2025-30256. The attack can be launched remotely. No exploit exists.

A vulnerability identified as problematic has been detected in Liferay Portal and DXP. This impacts the function document_library of the component Form Handler. This manipulation causes files or directories accessible. This vulnerability is handled as CVE-2025-43749. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as critical has been discovered in Tenda AC6 02.03.01.110. This affects an unknown function of the component Cloud API. The manipulation results in stack-based buffer overflow. This vulnerability is known as CVE-2025-32010. It is possible to launch the attack remotely. No exploit is available.

A vulnerability was found in Tenda AC6 02.03.01.110. It has been rated as problematic. The impacted element is an unknown function of the component Firmware Update Handler. The manipulation leads to download of code without integrity check. This vulnerability is traded as CVE-2025-31355. It is possible to initiate the attack remotely. There is no exploit available.

Microsoft’s comprehensive suite of online services, including the central Office.com portal, is currently experiencing a significant and widespread outage, leaving millions of users unable to access essential productivity applications. The company has confirmed the issue and is actively investigating the root cause to restore service as quickly as possible. The disruption, which began escalating earlier […]

The post Microsoft Office.com Suffers Major Outage, Investigation Underway – Updated appeared first on Cyber Security News.

A vulnerability was found in Tenda AC6 02.03.01.110. It has been declared as critical. The affected element is an unknown function of the component HTTP Request Handler. Executing manipulation can lead to authentication bypass using alternate channel. This vulnerability appears as CVE-2025-27129. The attack may be performed from a remote location. There is no available exploit.

A vulnerability was found in Tenda AC6 02.03.01.110. It has been classified as critical. Impacted is an unknown function of the file /goform/getproductInfo. Performing manipulation results in authentication bypass using alternate channel. This vulnerability is reported as CVE-2025-24496. The attack is possible to be carried out remotely. No exploit exists.

A survey of 370 IT and cybersecurity decision makers in organizations with at least 100 employees published today finds, on average, enterprise IT organizations are spending 11 person-hours investigating and remediating each critical identity-related security alert. Conducted by Enterprise Strategy Group (ESG) on behalf of Teleport, a provider of a platform for securing access to..

The post Survey: Enterprise IT Teams Spend 11 Hours Investigating Identity Incidents appeared first on Security Boulevard.

A vulnerability was found in Tenda AC6 02.03.01.110 and classified as critical. This issue affects some unknown processing of the component Network Handler. Such manipulation leads to missing critical step in authentication. This vulnerability is documented as CVE-2025-24322. The attack can be executed remotely. There is not any exploit available.