Aggregator

A vulnerability was found in Insyde H2O up to 05.71.20. It has been rated as critical. This issue affects the function Tcg2Smm. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2025-4277. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

The Apricorn Aegis NVX is a hardware-based 256-Bit AES XTS external SSD drive with integrated USB-C cable. Its storage capacities range from 500GB to 2TB. The device is OS free and cross-platform compatible. Design and build The drive comes with a compact carry case, a USB-C to USB-A adapter, and a quick start guide. It is enclosed in aircraft-grade aluminum alloy and sealed with tamper-resistant, tamper-evident uni-directional breakaway security fasteners that are driven and cemented … More →

The post Product showcase: Apricorn Aegis NVX, a high-security, portable SSD appeared first on Help Net Security.

A vulnerability was found in Insyde H2O up to 05.39.17/05.47.17/05.55.17/05.62.17/05.71.17. It has been declared as critical. This vulnerability affects unknown code of the component UsbCoreDxe. The manipulation leads to improper input validation. This vulnerability was named CVE-2025-4276. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Chrome. It has been classified as problematic. This affects an unknown part of the component V8. The manipulation leads to race condition. This vulnerability is uniquely identified as CVE-2025-8880. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Substance3D Stager up to 3.1.3 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2025-54222. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Adobe Dimension up to 4.1.3 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2025-54238. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Adobe Framemaker up to 2020.8/2022.6. Affected is an unknown function of the component File Handler. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2025-54233. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Adobe Framemaker up to 2020.8/2022.6. This issue affects some unknown processing of the component File Handler. The manipulation leads to use after free. The identification of this vulnerability is CVE-2025-54232. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Adobe Framemaker up to 2020.8/2022.6. This vulnerability affects unknown code of the component File Handler. The manipulation leads to use after free. This vulnerability was named CVE-2025-54231. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Adobe Framemaker up to 2020.8/2022.6. This affects an unknown part of the component File Handler. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2025-54229. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

FreeBuf甲方群围绕数据安全展开讨论，探讨蓝队溯源反制、高频告警处理及红队入侵应急响应等问题，并分享了通过日志分析、蜜罐部署、自动化工具等手段提升防御能力的经验。

A vulnerability was found in Adobe Framemaker up to 2020.8/2022.6. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to use after free. This vulnerability is handled as CVE-2025-54230. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Chrome. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component ANGLE. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2025-8901. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Security researchers at Cymulate Research Labs have discovered a critical zero-click NTLM credential leakage vulnerability that successfully bypasses Microsoft’s security patch for CVE-2025-24054, demonstrating that the original fix was incomplete and leaving millions of Windows systems exposed to sophisticated attacks. The newly identified vulnerability, assigned CVE-2025-50154, allows attackers to extract NTLMv2-SSP hashes without any user interaction, even […]

The post New Zero-Click NTLM Credential Leak Exploit Bypasses Microsoft Patch for CVE-2025-24054 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Google Chrome. It has been classified as critical. Affected is an unknown function of the component Aura. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-8882. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Chrome and classified as problematic. This issue affects some unknown processing of the component File Picker. The manipulation leads to permissive cross-domain policy with untrusted domains. The identification of this vulnerability is CVE-2025-8881. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Франция капитулирует перед желеобразными захватчиками.

A vulnerability has been found in Google Chrome and classified as critical. This vulnerability affects unknown code of the component libaom. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2025-8879. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in timstrifler Exclusive Addons for Elementor Plugin 2.7.9.1 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Countdown Timer Widget. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-4783. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Easy Digital Downloads Plugin up to 3.3.8.1 on WordPress. It has been classified as problematic. Affected is the function edd_receipt of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-4670. It is possible to launch the attack remotely. There is no exploit available.