Aggregator

A vulnerability was found in Postoaktraffic AWAM Bluetooth Reader. It has been classified as critical. Affected is an unknown function of the component Bluetooth. The manipulation leads to cryptographic issues. This vulnerability is traded as CVE-2012-4687. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as critical has been found in Voltronic Power ViewPower Pro. Affected is an unknown function. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2023-51574. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in mintplex-labs anything-llm up to 0.x. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/system/upload-logo of the component Logo Filename Handler. The manipulation leads to relative path traversal. This vulnerability is handled as CVE-2024-3025. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in mintplex-labs anything-llm up to 0.x. This affects an unknown part of the component Multi-User Mode. The manipulation of the argument multi_user_mode leads to improper input validation. This vulnerability is uniquely identified as CVE-2024-3101. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in mintplex-labs anything-llm up to 0.x. Affected by this vulnerability is an unknown functionality of the file /admin/system-preferences of the component Setting Handler. The manipulation leads to dynamically-determined object attributes. This vulnerability is known as CVE-2024-3283. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in mintplex-labs anything-llm up to 0.x and classified as problematic. This vulnerability affects unknown code of the component Just Me Mode. The manipulation leads to resource consumption. This vulnerability was named CVE-2024-3569. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in mintplex-labs anything-llm and classified as problematic. This issue affects the function dangerouslySetInnerHTML. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-3570. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in mintplex-labs anything-llm up to 0.x. This affects an unknown part of the file /api/invite/:code of the component Account Creation Handler. The manipulation leads to dynamically-determined object attributes. This vulnerability is uniquely identified as CVE-2024-0404. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in mintplex-labs anything-llm up to 0.x. This issue affects some unknown processing of the component File Handler. The manipulation leads to relative path traversal. The identification of this vulnerability is CVE-2024-0549. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in mintplex-labs anything-llm up to 0.x. Affected by this issue is some unknown functionality of the component system-preferences API Endpoint. The manipulation of the argument logo_filename leads to improper input validation. This vulnerability is handled as CVE-2024-3028. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in mintplex-labs anything-llm up to 0.x. This affects an unknown part of the file /system/enable-multi-user of the component JSON Payload Handler. The manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2024-3029. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Ransomware Attack Update for the 9th of July 2025

For browsers, exploitation is out — and getting users to compromise their own systems is in. Improved browser security has forced attackers to adapt their tactics, and they've accepted the challenge.

Alleged Data Breach of Tradeify

Alleged Data Breach and Panel Access Sale at Style Theory

Microsoft has confirmed a widespread issue in Windows Server Update Services (WSUS) that prevents organizations from syncing with Microsoft Update and deploying the latest Windows updates. [...]

The court in Leipzig ruled that Meta must pay €5,000 ($5,900) to a German Facebook user who sued the platform for embedding tracking technology in third-party websites — a ruling that could open the door to other lawsuits.

Australian airline Qantas has confirmed that 5.7 million people have been impacted by a recent data breach, in which threat actors stole customers' data. [...]