Aggregator

A vulnerability was found in Oracle Financial Services Price Creation and Discovery 8.0.4/8.0.5/8.0.6/8.0.7. It has been rated as critical. This issue affects some unknown processing of the component Spring Framework. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2019-11358. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Submit #590149 / VDB-314321

A vulnerability was found in Smart Agenda Plugin up to 4.9 on WordPress. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-53294. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in IBM Cognos Analytics up to 11.2.4 FP5/12.0.4. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-52900. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

State Moves to Restructure Cyber Bureau and Issue Mass Layoffs Despite Court Order
Current and recent former Department of State staffers told Information Security Media Group the agency is preparing to implement layoffs and begin a reorganization despite a San Francisco federal district court order blocking across-the-board layoffs at federal agencies.

A deceptive and destructive Python package named psslib, uncovered by Socket’s Threat Research Team, poses a severe risk to developers by masquerading as a legitimate password security solution. Published by the threat actor identified as umaraq, this malicious package typosquats the widely trusted passlib library a toolkit with over 8.9 million monthly downloads used for […]

The post Malicious Passlib Python Package Triggers Windows Shutdowns with Invalid Inputs appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability has been found in Marvell QConvergeConsole and classified as critical. This vulnerability affects the function deleteAppFile. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2025-6798. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Marvell QConvergeConsole. This affects the function saveNICParamsToFile. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is uniquely identified as CVE-2025-6801. It is possible to initiate the attack remotely. There is no exploit available.

科研、教育事业的道路上，这一代代薪火不灭的传承，格外美丽。

A vulnerability, which was classified as critical, has been found in Marvell QConvergeConsole. Affected by this issue is the function deleteEventLogFile. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2025-6805. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in Marvell QConvergeConsole. Affected by this vulnerability is the function decryptFile. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is known as CVE-2025-6806. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Marvell QConvergeConsole. Affected is the function QLogicDownloadImpl. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2025-6793. It is possible to launch the attack remotely. There is no exploit available.

Атака затронула десятки компаний и обошла защиту Microsoft.

A vulnerability was found in Marvell QConvergeConsole. It has been rated as critical. This issue affects the function getAppFileBytes. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2025-6796. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Marvell QConvergeConsole. It has been declared as critical. This vulnerability affects the function compressDriverFiles. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2025-6803. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Marvell QConvergeConsole. It has been classified as critical. This affects the function compressFirmwareDumpFiles. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is uniquely identified as CVE-2025-6804. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Marvell QConvergeConsole and classified as critical. Affected by this issue is the function getFileUploadSize. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2025-6795. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Marvell QConvergeConsole and classified as critical. Affected by this vulnerability is the function getFileUploadBytes. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is known as CVE-2025-6797. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Marvell QConvergeConsole. Affected is the function getFileUploadBytes. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2025-6799. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Marvell QConvergeConsole. This issue affects the function restoreESwitchConfig. The manipulation leads to path traversal. This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2025-6800. The attack may be initiated remotely. There is no exploit available.