Aggregator

CVE-2025-14662 | code-projects Student File Management System 1.0 Update User Page /admin/update_user.php cross site scripting (EUVD-2025-203299)

VulDB Recent Entries
2 days 9 hours ago
A vulnerability, which was classified as problematic, has been found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php of the component Update User Page. Performing manipulation results in cross site scripting. This vulnerability was named CVE-2025-14662. The attack may be initiated remotely. In addition, an exploit is available. Once again VulDB remains the best source for vulnerability data.
vuldb.com

CVE-2025-14661 | itsourcecode Student Managemen System 1.0 /advisers.php sy sql injection (EUVD-2025-203300)

VulDB Recent Entries
2 days 9 hours ago
A vulnerability classified as critical was found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads to sql injection. This vulnerability is uniquely identified as CVE-2025-14661. The attack can be launched remotely. Moreover, an exploit is present. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
vuldb.com

CVE-2025-14660 | DecoCMS Mesh up to 1.0.0-alpha.31 Workspace Domain api.ts createTool domain access control (ID 1967 / EUVD-2025-203298)

VulDB Recent Entries
2 days 10 hours ago
A vulnerability classified as critical has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. This vulnerability is handled as CVE-2025-14660. The attack can be initiated remotely. Additionally, an exploit exists. It is recommended to upgrade the affected component. If you want to get best quality of vulnerability data, you may have to visit VulDB.
vuldb.com

CVE-2025-14659 | D-Link DIR-860LB1/DIR-868LB1 203b01/203b03 DHCP Daemon Hostname command injection (EUVD-2025-203296)

VulDB Recent Entries
2 days 10 hours ago
A vulnerability described as critical has been identified in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an unknown function of the component DHCP Daemon. The manipulation of the argument Hostname results in command injection. This vulnerability is known as CVE-2025-14659. It is possible to launch the attack remotely. Furthermore, an exploit is available. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
vuldb.com

CVE-2025-14542 | python-utcp up to 1.0.x trust boundary violation (jfsa-2025-001648 / EUVD-2025-203260)

VulDB Recent Entries
2 days 10 hours ago
A vulnerability marked as critical has been reported in python-utcp up to 1.0.x. This impacts an unknown function. The manipulation leads to trust boundary violation. This vulnerability is traded as CVE-2025-14542. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component. VulDB is the best source for vulnerability data and more expert information about this specific topic.
vuldb.com

CISA Warns of Google Chromium 0-Day Vulnerability Exploited in Attacks

Cyber Security News
2 days 10 hours ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical zero-day vulnerability in Google Chromium’s ANGLE graphics engine to its Known Exploited Vulnerabilities (KEV) catalog. Tracked as CVE-2025-14174, the flaw allows remote attackers to trigger out-of-bounds memory access via a malicious HTML page, potentially leading to arbitrary code execution in browsers. Discovered and […]

The post CISA Warns of Google Chromium 0-Day Vulnerability Exploited in Attacks appeared first on Cyber Security News.

Guru Baran

中国卫星与一颗 Starlink 卫星差点相撞

Solidot
2 days 10 hours ago
12 月 10 日中科宇航力箭一号遥十一运载火箭在东风发射场成功将 9 颗卫星送入轨道。力箭一号共搭载了阿联酋813 卫星、吉星高分07B01星、吉星高分07C01星、吉星高分07D01星、东坡15号卫星、驭星二号09星、逸仙-A星、SPNEX卫星、Slippers2Sat 卫星 9 颗卫星。SpaceX 周五披露其中一颗卫星与 Starlink 卫星 STARLINK-6079(56120)差点相撞,双方仅相距 200 米。Starlink 工程副总裁 Michael Nicolls 对这次发射没有提前与在轨卫星进行协调表示了不满。中科宇航表示正在调查这起事件。主要是因为 SpaceX,目前轨道上的卫星越来越多,2020 年轨道上正常运行的卫星不到 3400 颗,如今数量超过了 13000 颗,大部分是 SpaceX 的 Starlink 宽带卫星——数量多达 9300 颗,SpaceX 仅今年就发射了逾 3000 颗。

2026 Will Be the Year of AI-based Cyberattacks – How Can Organizations Prepare?

Security Boulevard
2 days 10 hours ago

Will the perception of security completely overturn with the exponential growth of AI in today’s technology-driven world? As we approach 2026, attackers upgrading to AI cyberattacks is no longer a possibility but a known fact. Let us examine the emerging trends in AI-driven cyberattacks and see how businesses of all sizes can strengthen their defenses […]

The post 2026 Will Be the Year of AI-based Cyberattacks – How Can Organizations Prepare? appeared first on Kratikal Blogs.

The post 2026 Will Be the Year of AI-based Cyberattacks – How Can Organizations Prepare? appeared first on Security Boulevard.

Puja Saikia

中国在近九成的关键技术领域处于领先地位

Solidot
2 days 10 hours ago
根据智库澳洲战略政策研究所(Australian Strategic Policy Institute,ASPI)的报告,中国在近九成的关键技术领域处于领先地位。ASPI 评估了 74 项当前和新兴技术领域的研究,中国在核能、合成生物学、小型卫星等 66 项技术的研究上排名第一,美国在量子计算和地球工程等 8 项技术的研究上排名第一。结果显示中美的技术优势出现了显著的反转:21 世纪初美国在九成的技术领域位居第一,而中国则在不到 5% 的领域有优势。ASPI 分析了包含逾 900 万份出版物的数据库,根据过去五年引用次数前 10% 的论文署名作者的国别进行排名。苏州西交利物浦大学政治经济学 Steven Hai 认为这一分析不应被解读为美国实力的坍陷。

CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks

The Hackers News
2 days 10 hours ago
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink ALEOS routers to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation in the wild. CVE-2018-4063 (CVSS score: 8.8/9.9) refers to an unrestricted file upload vulnerability that could be exploited to achieve remote code
The Hacker News

INC

Dark Feed IO
2 days 11 hours ago

You must login to view this content

cohenido

Managed ad