Aggregator

作为生成式 AI 最主要的硬件供应商，英伟达股价周三上涨逾 2%，市值突破 4 万亿美元，成为历史上第一家 4 万亿美元市值的企业。英伟达如今是全球市场第一的企业，超过了微软和苹果，两家公司在英伟达之前市值突破 3 万亿美元，但尚未达到 4 万亿美元。英伟达总部位于加州，成立于 1993 年，在 ChatGPT 掀起的生成式 AI 热中，它的股价一路高涨，2024 年 2 月其市值首次突破 2 万亿美元，6 月突破 3 万亿美元。

A vulnerability was found in Nouvola DiveCloud Plugin up to 1.08 on Jenkins. It has been rated as critical. This issue affects some unknown processing of the component Controller File System Handler. The manipulation leads to permission issues. The identification of this vulnerability is CVE-2025-53670. The attack can only be done within the local network. There is no exploit available.

A vulnerability classified as problematic has been found in Realtek RTL8762EKF-EVB RTL8762E SDK 1.4.0. Affected is the function LL_Length_Req of the component Bluetooth Low Energy. The manipulation leads to denial of service. This vulnerability is traded as CVE-2025-44526. The attack can only be initiated within the local network. Furthermore, there is an exploit available.

A vulnerability was found in Dead Mans Snitch Plugin 0.1 on Jenkins. It has been declared as critical. This vulnerability affects unknown code of the component Controller File System Handler. The manipulation leads to permission issues. This vulnerability was named CVE-2025-53666. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability was found in QMetry Test Management Plugin up to 1.13 on Jenkins. It has been classified as critical. This affects an unknown part of the component Controller File System Handler. The manipulation leads to permission issues. This vulnerability is uniquely identified as CVE-2025-53659. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability was found in Apica Loadtest Plugin up to 1.10 on Jenkins and classified as problematic. Affected by this issue is some unknown functionality of the component Job Configuration Form Handler. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2025-53665. Access to the local network is required for this attack. There is no exploit available.

A vulnerability, which was classified as critical, was found in IFTTT Build Notifier Plugin up to 1.2 on Jenkins. Affected is an unknown function of the component Controller File System Handler. The manipulation leads to permission issues. This vulnerability is traded as CVE-2025-53662. The attack needs to be done within the local network. There is no exploit available.

A vulnerability has been found in Apica Loadtest Plugin up to 1.10 on Jenkins and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Controller File System Handler. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-53664. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in IBM Cloud DevOps Plugin up to 2.0.16 on Jenkins. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2025-53663. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as problematic was found in ReadyAPI Functional Testing Plugin up to 1.11 on Jenkins. This vulnerability affects unknown code of the component Job Configuration Form Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-53657. The attack can only be done within the local network. There is no exploit available.

A vulnerability classified as critical has been found in ReadyAPI Functional Testing Plugin up to 1.11 on Jenkins. This affects an unknown part. The manipulation leads to permission issues. This vulnerability is uniquely identified as CVE-2025-53656. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability was found in Statistics Gatherer Plugin up to 2.0.3 on Jenkins. It has been rated as problematic. Affected by this issue is some unknown functionality of the component AWS Secret Key Handler. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2025-53655. Access to the local network is required for this attack to succeed. There is no exploit available.

The Initial Access Broker (IAB) known as Gold Melody has been attributed to a campaign that exploits leaked ASP.NET machine keys to obtain unauthorized access to organizations and peddle that access to other threat actors. The activity is being tracked by Palo Alto Networks Unit 42 under the moniker TGR-CRI-0045, where "TGR" stands for "temporary group" and "CRI" refers to "criminal motivation."

Helix: добро пожаловать в эпоху без тормозов и амнезии.

A vulnerability was found in Statistics Gatherer Plugin up to 2.0.3 on Jenkins. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component AWS Secret Handler. The manipulation leads to information disclosure. This vulnerability is known as CVE-2025-53654. Access to the local network is required for this attack. There is no exploit available.

A vulnerability was found in Aqua Security Scanner Plugin up to 3.2.8 on Jenkins. It has been classified as critical. Affected is an unknown function of the file config.xml of the component API. The manipulation leads to permission issues. This vulnerability is traded as CVE-2025-53653. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in HTML Publisher Plugin up to 425 on Jenkins and classified as critical. This issue affects some unknown processing. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2025-53651. The attack needs to be done within the local network. There is no exploit available.

A vulnerability has been found in Realtek AmebaD up to 3.1.8 and classified as critical. This vulnerability affects unknown code of the component WLAN Driver. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2025-49604. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Git Parameter Plugin up to 439.vb_0e46ca_14534 on Jenkins. Affected by this issue is some unknown functionality. The manipulation leads to permission issues. This vulnerability is handled as CVE-2025-53652. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Credentials Binding Plugin up to 687.v619cb_15e923f on Jenkins. This affects an unknown part. The manipulation leads to sensitive information in log files. This vulnerability is uniquely identified as CVE-2025-53650. The attack can only be done within the local network. There is no exploit available.