Aggregator

近年来，随着我国半导体产业链加速全球化布局，企业在海外发展过程中面临着日益严峻的挑战。以美国为首的西方国家通过一系列具有针对性的措施，对我国半导体产业链实施全方位限制。

为支持开展建设性对话，实现更加均衡的治理路径，我们，金砖国家领导人一致同意制定一系列指导方针，以负责任方式推动人工智能技术开发、部署和应用，助力实现可持续发展和包容性增长。

GTT Communications extended its alliance with Palo Alto Networks to include an additional managed secure access service edge (SASE) offering.

The post GTT Extends Palo Alto Networks Alliance to Add Managed SASE Service appeared first on Security Boulevard.

A vulnerability was found in code-projects Modern Bag 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /action.php. The manipulation of the argument proId leads to sql injection. This vulnerability is handled as CVE-2025-7461. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. This vulnerability is known as CVE-2025-7460. The attack can be launched remotely. Furthermore, there is an exploit available.

Currently trending CVE - Hype Score: 39

Submit #610055 / VDB-316112

A vulnerability, which was classified as critical, was found in Schneider Electric EcoStruxure IT Data Center Expert. Affected is an unknown function of the component Header Handler. The manipulation of the argument Host leads to server-side request forgery. This vulnerability is traded as CVE-2025-50125. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, has been found in Schneider Electric EcoStruxure IT Data Center Expert. This issue affects some unknown processing. The manipulation leads to improper privilege management. The identification of this vulnerability is CVE-2025-50124. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to apply a patch to fix this issue.

Submit #609819 / VDB-316111

A vulnerability classified as critical was found in code-projects Mobile Shop 1.0. This vulnerability affects unknown code of the file /EditMobile.php. The manipulation of the argument ID leads to sql injection. This vulnerability was named CVE-2025-7459. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #609795 / VDB-254582

Security researchers have discovered two critical vulnerabilities in RapidFire Tools Network Detective, a widely-used network assessment and reporting tool developed by Kaseya, that expose sensitive credentials to potential attackers. The flaws, disclosed on July 10th, 2025, affect organizations using the tool for network security assessments and could enable threat actors to access administrative credentials and […]

The post RapidFire Network Detective Vulnerabilities Expose Sensitive Data to Threat Actors appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

任何以高收益为噱头，需拉人头才能获利的平台，都应高度警惕。

Submit #609657 / VDB-316108

A vulnerability classified as problematic has been found in Schneider Electric EcoStruxure IT Data Center Expert. This affects an unknown part of the component SOAP API. The manipulation leads to xml external entity reference. This vulnerability is uniquely identified as CVE-2025-6438. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Schneider Electric EcoStruxure IT Data Center Expert. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to code injection. This vulnerability is handled as CVE-2025-50123. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Schneider Electric EcoStruxure IT Data Center Expert. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Installation/Upgrade. The manipulation leads to insufficient entropy. This vulnerability is known as CVE-2025-50122. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Schneider Electric EcoStruxure IT Data Center Expert. It has been classified as critical. Affected is an unknown function of the component Web Interface. The manipulation leads to os command injection. This vulnerability is traded as CVE-2025-50121. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in huggingface transformers up to 4.52.0 and classified as problematic. This issue affects the function token2json of the component API Service. The manipulation leads to inefficient regular expression complexity. The identification of this vulnerability is CVE-2025-3933. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.