Posts of last 24 hours
The National Association of Insurance Commissioners (NAIC) says the ShinyHunters extortion group stole only publicly available data, outdated logs, and configuration files after breaching its systems by exploiting a zero-day vulnerability in an Oracle PeopleSoft server. [...]
https://www.bleepingcomputer.com/news/security/naic-says-public-data-stolen-in-shinyhunters-peoplesoft-breach/
Does life feel Orwellian sometimes? One researcher has a solution for you: graphic tees that confuse the neural networks in surveillance cameras.
https://www.darkreading.com/cyber-risk/clothes-invisible-facial-recognition
A vulnerability classified as critical has been found in SimpleHelp up to 5.5.15/6.0 RC1. Affected is an unknown function of the component Multi-Factor Authentication. Performing a manipulation results in improper verification of cryptographic signature.
This vulnerability is reported as CVE-2026-48558. The attack is possible to be carried out remotely. Moreover, an exploit is present.
It is recommended to upgrade the affected component.
https://vuldb.com/vuln/370678
A vulnerability classified as critical has been found in Microsoft Defender Antimalware Platform. Affected by this issue is some unknown functionality. The manipulation leads to insufficient granularity of access control.
This vulnerability is referenced as CVE-2026-33825. The attack can only be performed from a local environment. Furthermore, an exploit is available.
It is recommended to upgrade the affected component.
https://vuldb.com/vuln/357546
A vulnerability, which was classified as critical, has been found in Nsasoft Nsauditor SpotFTP FTP Password Recovery 3.0.0.0. This affects an unknown part of the component Registration Handler. Performing a manipulation of the argument Key results in out-of-bounds write.
This vulnerability was named CVE-2020-37208. The attack needs to be approached locally. In addition, an exploit is available.
https://vuldb.com/vuln/345634
A vulnerability was found in Nsasoft Nsauditor SpotFTP FTP Password Recovery 3.0.0.0. It has been classified as critical. The affected element is an unknown function of the component Registration Handler. This manipulation of the argument Name causes buffer overflow.
This vulnerability is tracked as CVE-2020-37209. The attack is restricted to local execution. Moreover, an exploit is present.
https://vuldb.com/vuln/345638
A vulnerability was found in Nsasoft Nsauditor SpotIE 2.9.5. It has been declared as critical. The impacted element is an unknown function of the component Registration Handler. Such manipulation of the argument Key leads to buffer overflow.
This vulnerability is listed as CVE-2020-37210. The attack must be carried out locally. In addition, an exploit is available.
https://vuldb.com/vuln/345639
A vulnerability was found in Nsasoft Nsauditor SpotIM 2.2. It has been rated as critical. This affects an unknown function of the component Registration Handler. Performing a manipulation of the argument Name results in buffer overflow.
This vulnerability is cataloged as CVE-2020-37211. The attack must be initiated from a local position. Furthermore, there is an exploit available.
https://vuldb.com/vuln/345640
A vulnerability categorized as critical has been discovered in Nsasoft Nsauditor SpotMSN 2.4.6. This impacts an unknown function of the component Registration Handler. Executing a manipulation of the argument Name can lead to buffer overflow.
This vulnerability is registered as CVE-2020-37212. The attack needs to be launched locally. Furthermore, an exploit is available.
https://vuldb.com/vuln/345641
A vulnerability was found in Nsasoft Nsauditor SpotAuditor SpotAuditor 5.3.1.0. It has been rated as critical. This impacts an unknown function of the component Registration Handler. Performing a manipulation of the argument Name results in stack-based buffer overflow.
This vulnerability is known as CVE-2019-25434. Attacking locally is a requirement. Furthermore, an exploit is available.
https://vuldb.com/vuln/347236