Aggregator

CVE-2025-7806 | Tenda FH451 1.0.0.9 /goform/SafeClientFilter fromSafeClientFilter Go/page stack-based overflow (EUVD-2025-21935)

VulDB Recent Entries
7 months ago
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. The manipulation of the argument Go/page leads to stack-based buffer overflow. This vulnerability was named CVE-2025-7806. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-7805 | Tenda FH451 1.0.0.9 /goform/PPTPUserSetting fromPptpUserSetting delno stack-based overflow (EUVD-2025-21933)

VulDB Recent Entries
7 months ago
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserSetting of the file /goform/PPTPUserSetting. The manipulation of the argument delno leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-7805. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-53057 | Linux Kernel up to 6.11.6 qdisc_tree_reduce_backlog iteration (Nessus ID 211777 / WID-SEC-2024-3509)

Vuldb Updates
7 months ago
A vulnerability classified as critical was found in Linux Kernel up to 6.11.6. Affected by this vulnerability is the function qdisc_tree_reduce_backlog. The manipulation leads to excessive iteration. This vulnerability is known as CVE-2024-53057. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Microsoft Defender for Office 365 Launches New Dashboard for Enhanced Threat Vector Insights

Cyber Security News
7 months ago

Microsoft today announced the rollout of a revamped customer dashboard in Microsoft Defender for Office 365, designed to deliver unprecedented insights across a broad spectrum of attack vectors.  The new interface gives security teams real-time visibility into threats blocked before delivery, malicious content remediated post-delivery, and even “missed” incidents, all without sacrificing privacy or performance.  […]

The post Microsoft Defender for Office 365 Launches New Dashboard for Enhanced Threat Vector Insights appeared first on Cyber Security News.

Kaaviya

微信安全漏洞复现:无感执行远程代码

火绒安全实验室
7 months ago
近日,微信安全漏洞:目录穿越造成RCE(远程代码执行)在网络传播较为广泛,引起热议。微信3.9及以下版本均存在此问题,建议及时从微信官网下载最新版本进行安装。火绒最新版本病毒库已实现相关防护,请广大用户及时升级火绒病毒库。

Ubiquiti UniFi Vulnerability Lets Hackers Inject Malicious Commands

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
7 months ago

A critical security vulnerability has been discovered in Ubiquiti’s UniFi Access devices that could allow malicious actors to inject and execute arbitrary commands on affected systems. The vulnerability, designated as CVE-2025-27212, affects multiple UniFi Access products and carries a maximum CVSS score of 9.8, indicating its severe nature and potential for widespread exploitation. Vulnerability Details […]

The post Ubiquiti UniFi Vulnerability Lets Hackers Inject Malicious Commands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2024-50304 | Linux Kernel up to 6.11.6 net/ipv4/ip_tunnel.c ip_tunnel_find stack-based overflow (f20fe2cfe06c/90e0569dd3d3 / Nessus ID 215144)

Vuldb Updates
7 months ago
A vulnerability was found in Linux Kernel up to 6.11.6 and classified as critical. Affected by this issue is the function ip_tunnel_find of the file net/ipv4/ip_tunnel.c. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2024-50304. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-53043 | Linux Kernel up to 6.1.115/6.6.59/6.11.6 mctp i2c null pointer dereference (Nessus ID 211777 / WID-SEC-2024-3509)

Vuldb Updates
7 months ago
A vulnerability has been found in Linux Kernel up to 6.1.115/6.6.59/6.11.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component mctp i2c. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-53043. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Lenovo Protection Driver Vulnerability Let Attackers Escalate Privilege and Execute Arbitrary Code

Cyber Security News
7 months ago

A buffer overflow vulnerability in Lenovo Protection Driver could allow local attackers with elevated privileges to execute arbitrary code on affected systems.  The vulnerability, designated as CVE-2025-4657, affects multiple Lenovo applications and poses significant security risks to desktop, ThinkCentre, laptop, and ThinkPad users. Key Takeaways1. Buffer overflow vulnerability allows attackers to execute arbitrary code and […]

The post Lenovo Protection Driver Vulnerability Let Attackers Escalate Privilege and Execute Arbitrary Code appeared first on Cyber Security News.

Kaaviya

CVE-2025-6227 | Mattermost up to 9.11.16/10.5.7/10.8.x REST API insufficiently protected credentials (EUVD-2025-21876)

VulDB Recent Entries
7 months ago
A vulnerability was found in Mattermost up to 9.11.16/10.5.7/10.8.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the component REST API. The manipulation leads to insufficiently protected credentials. This vulnerability is handled as CVE-2025-6227. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad