INC
You must login to view this content
Aggregator
CVE-2025-41687 | Weidmueller IE-SR-2TX-WL u-link Management API stack-based overflow (VDE-2025-052 / EUVD-2025-22434)
6 months 3 weeks ago
A vulnerability, which was classified as critical, was found in Weidmueller IE-SR-2TX-WL, IE-SR-2TX-WL-4G-EU and IE-SR-2TX-WL-4G-US-V. Affected is an unknown function of the component u-link Management API. The manipulation leads to stack-based buffer overflow.
This vulnerability is traded as CVE-2025-41687. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-8070 | ASUSTOR ABP/AES Windows Service Configuration unquoted search path (EUVD-2025-22418)
6 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in ASUSTOR ABP and AES. This issue affects some unknown processing of the component Windows Service Configuration. The manipulation leads to unquoted search path.
The identification of this vulnerability is CVE-2025-8070. The attack needs to be approached locally. There is no exploit available.
vuldb.com
CVE-2025-41684 | Weidmueller IE-SR-2TX-WL Main Web Interface tls_iotgen_setting os command injection (VDE-2025-052 / EUVD-2025-22435)
6 months 3 weeks ago
A vulnerability classified as critical was found in Weidmueller IE-SR-2TX-WL, IE-SR-2TX-WL-4G-EU and IE-SR-2TX-WL-4G-US-V. This vulnerability affects unknown code of the file tls_iotgen_setting of the component Main Web Interface. The manipulation leads to os command injection.
This vulnerability was named CVE-2025-41684. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-41683 | Weidmueller IE-SR-2TX-WL Main Web Interface event_mail_test os command injection (VDE-2025-052 / EUVD-2025-22436)
6 months 3 weeks ago
A vulnerability classified as critical has been found in Weidmueller IE-SR-2TX-WL, IE-SR-2TX-WL-4G-EU and IE-SR-2TX-WL-4G-US-V. This affects an unknown part of the file event_mail_test of the component Main Web Interface. The manipulation leads to os command injection.
This vulnerability is uniquely identified as CVE-2025-41683. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Windows 11 Gets New Black Screen of Death With Auto Recovery Tool
6 months 3 weeks ago
Microsoft has unveiled significant improvements to Windows 11’s system recovery capabilities, introducing a redesigned Black Screen of Death restart screen alongside an automated Quick Machine Recovery (QMR) tool. These enhancements are part of the broader Windows Resiliency Initiative (WRI), designed to minimize downtime and streamline recovery processes when system failures occur. Key Takeaways1. Windows 11's […]
The post Windows 11 Gets New Black Screen of Death With Auto Recovery Tool appeared first on Cyber Security News.
Guru Baran
CVE-2025-31701 | Dahua IPC/SD protection mechanism (EUVD-2025-22419)
6 months 3 weeks ago
A vulnerability was found in Dahua IPC and SD. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to protection mechanism failure.
This vulnerability is handled as CVE-2025-31701. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-31700 | Dahua IPC/SD protection mechanism (EUVD-2025-22420)
6 months 3 weeks ago
A vulnerability was found in Dahua IPC and SD. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to protection mechanism failure.
This vulnerability is known as CVE-2025-31700. The attack can be launched remotely. There is no exploit available.
vuldb.com
WiFi-карты выживания: регионы России учатся жить без мобильной связи
6 months 3 weeks ago
Проверьте, где в вашем городе ловит WiFi.
云上应急响应理论基础
6 months 3 weeks ago
在应急响应和取证工作中,我们越来越频繁地面对一个现实:大量关键业务和数据已经不在传统机房,而是在云上运行。理解阅读更多
Zgao
Умерла? Не страшно. Windows 11 сама встанет из WinRE, найдёт патч и воскреснет без вас
6 months 3 weeks ago
Что обещает нам апдейт KB5062660?
Американский патриот 11 лет строил карьеру ради одной кражи секретов для Китая
6 months 3 weeks ago
Американский инженер признался в краже военных секретов.
CISA Warns of Microsoft SharePoint Code Injection and Authentication Vulnerability Exploited in Wild
6 months 3 weeks ago
CISA has issued an urgent warning regarding two critical Microsoft SharePoint vulnerabilities that threat actors are actively exploiting in the wild. The vulnerabilities, designated as CVE-2025-49704 and CVE-2025-49706, pose significant risks to organizations running on-premises SharePoint servers and have been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog with an immediate remediation deadline. Key Takeaways1. […]
The post CISA Warns of Microsoft SharePoint Code Injection and Authentication Vulnerability Exploited in Wild appeared first on Cyber Security News.
Guru Baran
思考小而美
6 months 3 weeks ago
脑子里在盘旋着“小而美”的一些问题,于是提了些问题,感觉脑子清晰一点了。
Заплати или умри — эта схема больше не работает. Британия лишает хакеров главного оружия — ваших денег
6 months 3 weeks ago
Как вымогатели лишились своей главной мотивации для атак?
评估人工智能在零信任中的作用
6 months 3 weeks ago
“零信任”已经从一个抽象的概念框架发展为现代网络安全的核心支柱。
Global Ransomware Attacks Plummet 43% in Q2 2025
6 months 3 weeks ago
NCC Group observed a 43% drop in ransomware attacks in Q2 2025, driven by law enforcement actions and internal conflicts in groups
微软从 Google DeepMind 挖走了至少 24 名 AI 工程师
6 months 3 weeks ago
微软过去六个月从 Google AI 研究部门 DeepMind 至少挖走了 24 名 AI 工程师,硅谷巨头之间的 AI 人才战在火热持续中。本周二,Google Gemini 聊天机器人前工程主管 Amar Subramanya 在职业社交网络 LinkedIn 上发帖宣布自己担任微软企业 AI 副总裁,成为最新一名投奔微软的前 Google AI 工程师。他称赞新雇主的文化氛围耳目一新。其他已加入微软的 DeepMind AI 工程师包括了前工程主管 Sonal Gupta、软件工程师 Adam Sadovsky 和产品经理 Tim Frank。
Анализ CVE-2025-6554: движок возвращал “невидимое” значение вместо ошибки — и открыл память
6 months 3 weeks ago
История одной "дыры", ставшей эксплойтом.
Zero-day в Cisco ISE: критические дыры дают хакерам root-доступ без логина
6 months 3 weeks ago
Каждая минута без апдейта — шанс для незваного гостя.