Aggregator

Submit #595999 / VDB-313623

Submit #595995 / VDB-313622

Submit #593678 / VDB-313622

A vulnerability was found in seaswalker spring-analysis up to 4379cce848af96997a9d7ef91d594aa129be8d71. It has been declared as problematic. Affected by this vulnerability is the function echo of the file /src/main/java/controller/SimpleController.java. The manipulation of the argument Name leads to cross site scripting. This vulnerability is known as CVE-2025-6509. The attack can be launched remotely. Furthermore, there is an exploit available. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

UK’s Cyber Monitoring Centre (CMC) labels Marks & Spencer and Co-op cyberattacks a Category 2 event, estimating financial impact at £270M–£440M. The Cyber Monitoring Centre (CMC) has labeled the recent cyberattacks on Marks & Spencer and Co-op as a Category 2 systemic event, estimating losses between £270M and £440M. In early May, the attackers behind […]

Что такое эмбиззлмент и как физики научились жульничать с законами Вселенной?

Submit #593061 / VDB-311712

Windows 和 Linux 世界的两大巨头此前从未在现实世界里见过面。最近 Sysinternals 创始人 Mark Russinovich 举办的一个晚宴上，Linux 内核作者 Linus Torvalds 和微软联合创始人 Bill Gates 首次同框。照片中共有四个人，其他两人是 Sysinternals 联合创始人、现微软云计算平台 Azure CTO Russinovich，他在 1990 年代后期开发了一组工具 Process Explorer、Autoruns 和 Procmon，对管理员和安全专业人士理解 Windows 内部机制产生了革命性影响。另外一人是 OpenVMS 核心开发者、Windows NT 内核和硬件抽象层的首席架构师，被誉为 Windows NT 之父的 Dave Cutler。Russinovich 在发布照片时开玩笑的说，他们并没有做出重要的内核决策。

Submit #592962 / VDB-313621

A vulnerability classified as critical was found in Microsoft SQL Server 2000. Affected by this vulnerability is an unknown functionality of the component DBCC. The manipulation leads to memory corruption. This vulnerability is known as CVE-2002-0644. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Adobe Flash Player up to 16.0.0.296. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2015-0318. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

SecurityScorecard has discovered a covert cyber-espionage botnet dubbed “LapDogs” linked to China

Клиент OpenVPN обещал безопасность, но подарил пользователям лишь синий экран.

A vulnerability was found in Oracle Financial Services Asset Liability Management 8.0.4/8.0.5/8.0.6/8.0.7 and classified as critical. This issue affects some unknown processing of the component jQuery. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2019-11358. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

In a development that has left students, parents, and educators frustrated, Microsoft’s Family Safety feature is now blocking all versions of Google Chrome from launching on Windows devices. The issue, which first surfaced in early June, has persisted for over two weeks without an official fix or comment from Microsoft, raising concerns about both digital […]

The post Microsoft Family Safety Now Blocking All Versions of Google Chrome appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as problematic, was found in Apple iOS up to 10.3.2. Affected is an unknown function of the component WebKit. The manipulation leads to cross site scripting (Universal). This vulnerability is traded as CVE-2017-7089. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Cyber Fattah leaked thousands of records on athletes and visitors from past Saudi Games, per U.S.-based cybersecurity firm Resecurity. Resecurity (USA) identified the threat actors associated with the “Cyber Fattah” movement leaked thousands of records containing information about visitors and athletes from past Saudi Games, one of the major sports events in the Kingdom. The […]

A vulnerability, which was classified as critical, was found in Microsoft SQL Server 2000. This affects an unknown part of the component Resolution Service. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2002-0649. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

 A former U.S. Army sergeant who served at Joint Base Lewis-McChord (JBLM) in Washington has pleaded guilty to federal charges after admitting he tried to deliver sensitive military secrets to Chinese authorities.  Joseph Daniel Schmidt, 31, entered his plea in U.S. District Court in Seattle, acknowledging two felonies: attempting to deliver national defense information and […]

The post Former JBLM Soldier Admits Attempting to Leak U.S. Military Network Details to China appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Криптография защитила преступников от полиции. Но не защитила детей от преступников.