Aggregator

Tumblr 搁置后端迁移到 WordPress 和联邦宇宙整合的计划

8 months 4 weeks ago

Tumblr 母公司 Automattic 搁置了将 Tumblr 后端迁移至 WordPress 的计划。Automattic CEO Matt Mullenweg 表示未来的重心将转向提供用户迫切要求的功能。WordPress.com 提供了支持联邦宇宙（Fediverse）的 ActivityPub 协议插件，搁置迁移计划也意味着集成联邦宇宙（Fediverse）的计划暂停了。但 Mullenweg 表示如果用户迫切想要 ActivityPub，他们会在 Tumblr 代码库上直接实现 ActivityPub 支持。

$4.8 трлн к 2033: open-source отбирает ИИ-рынок у западных гигантов

Securitylab.ru

8 months 4 weeks ago

Как Таиланд превращает open-source в оружие цифрового суверенитета.

INC

Dark Feed IO

8 months 4 weeks ago

You must login to view this content

cohenido

AI Is Enhancing The Traditional Pentesting Approach – A Detailed Analysis

Security Boulevard

8 months 4 weeks ago

For a long time now, traditional pentesting has served as the backbone of proactive cyberdefense strategies across all industries flourishing in the digital realm. Pacing with the time where technology is making history- speed, accuracy, and foresight are paramount when it comes to cybersecurity. With organizations scaling and cyber threats evolving in complexity and frequency, […]

The post AI Is Enhancing The Traditional Pentesting Approach – A Detailed Analysis appeared first on Kratikal Blogs - Information Hub For Cyber Security Experts.

The post AI Is Enhancing The Traditional Pentesting Approach – A Detailed Analysis appeared first on Security Boulevard.

Puja Saikia

CVE-2025-40732 | Daily Expense Manager 1.0 POST Request /check.php Name information exposure (EUVD-2025-19563)

Vuldb Updates

8 months 4 weeks ago

A vulnerability has been found in Daily Expense Manager 1.0 and classified as problematic. This vulnerability affects unknown code of the file /check.php of the component POST Request Handler. The manipulation of the argument Name leads to information exposure through discrepancy. This vulnerability was named CVE-2025-40732. The attack can be initiated remotely. There is no exploit available.

vuldb.com

CVE-2025-53005 | DataEase up to 2.10.10 PostgreSQL Data Source JDBC Connection substitution characters (GHSA-99c4-h4fq-r23v / EUVD-2025-19595)

Vuldb Updates

8 months 4 weeks ago

A vulnerability, which was classified as critical, has been found in DataEase up to 2.10.10. This issue affects some unknown processing of the component PostgreSQL Data Source JDBC Connection Handler. The manipulation leads to improper neutralization of substitution characters. The identification of this vulnerability is CVE-2025-53005. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-49521 | Red Hat Ansible Automation Platform EDA Component code injection (RHSA-2025:9986 / EUVD-2025-19586)

Vuldb Updates

8 months 4 weeks ago

A vulnerability classified as critical was found in Red Hat Ansible Automation Platform. Affected by this vulnerability is an unknown functionality of the component EDA Component. The manipulation leads to code injection. This vulnerability is known as CVE-2025-49521. The attack can be launched remotely. There is no exploit available.

vuldb.com

CVE-2024-46992 | Electron up to 30.0.4/31.0.0-alpha.1 integrity check (GHSA-xw5q-g62x-2qjc / EUVD-2024-54718)

Vuldb Updates

8 months 4 weeks ago

A vulnerability has been found in Electron up to 30.0.4/31.0.0-alpha.1 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper validation of integrity check value. This vulnerability was named CVE-2024-46992. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-53095 | LizardByte Sunshine 0.16/0.17/0.18.0/0.23.0/2025.118.151840 cross-site request forgery (GHSA-39hj-fxvw-758m / EUVD-2025-19597)

Vuldb Updates

8 months 4 weeks ago

A vulnerability was found in LizardByte Sunshine 0.16/0.17/0.18.0/0.23.0/2025.118.151840. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2025-53095. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-6940 | TOTOLINK A702R 4.0.0-B20230721.1521 HTTP POST Request formParentControl submit-url buffer overflow (EUVD-2025-19600)

Vuldb Updates

8 months 4 weeks ago

A vulnerability classified as critical was found in TOTOLINK A702R 4.0.0-B20230721.1521. Affected by this vulnerability is an unknown functionality of the file /boafrm/formParentControl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is known as CVE-2025-6940. The attack can be launched remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2024-36347 | AMD EPYC CPU ROM Microcode Patch Loader signature verification (EUVD-2024-54719 / Nessus ID 232192)

Vuldb Updates

8 months 4 weeks ago

A vulnerability classified as critical was found in AMD EPYC. Affected by this vulnerability is an unknown functionality of the component CPU ROM Microcode Patch Loader. The manipulation leads to improper verification of cryptographic signature. This vulnerability is known as CVE-2024-36347. It is possible to launch the attack on the local host. There is no exploit available.

vuldb.com

Почему защищать целый регион оказалось проще, чем одну организацию?

Securitylab.ru

8 months 4 weeks ago

Как измерить защищенность целого региона? Рассказали в новой статье о том, как компания СайберОК принимала участие в проекте «Киберустойчивый регион», запущенный на масштабах целого региона РФ

Nieuwe reservistenafdeling slaat brug tussen Defensie en samenleving

Defensie.nl - Nieuwsberichten

8 months 4 weeks ago

Reservisten spelen een belangrijke rol in de versterking van de krijgsmacht. Defensie wil daarom in 2030 minstens 20.000 van deze deeltijdmilitairen in dienst te hebben. De nieuwe Afdeling Reservisten en Samenleving (AReS) moet daarbij helpen. Deze sectie slaat een brug tussen Defensie en de samenleving.

Linux Sudo chroot Vulnerability Enables Hackers to Elevate Privileges to Root

Cyber Security News

8 months 4 weeks ago

A critical security vulnerability in the widely used Linux Sudo utility has been disclosed, allowing any local unprivileged user to escalate privileges to root access. Summary1. CVE-2025-32463 affects Sudo versions 1.9.14-1.9.17, enabling privilege escalation to root.2. Exploitation uses the chroot option (-R) to manipulate the NSS system and load malicious libraries.3. Impact affects default configurations […]

The post Linux Sudo chroot Vulnerability Enables Hackers to Elevate Privileges to Root appeared first on Cyber Security News.

Guru Baran

CVE-2025-49886 | WebGeniusLab Zikzag Core Plugin up to 1.4.5 on WordPress filename control

Vuldb Updates

8 months 4 weeks ago

A vulnerability was found in WebGeniusLab Zikzag Core Plugin up to 1.4.5 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). The identification of this vulnerability is CVE-2025-49886. The attack may be initiated remotely. There is no exploit available.

vuldb.com

CVE-2025-52723 | codesupplyco Networker Plugin up to 1.2.0 on WordPress filename control

Vuldb Updates

8 months 4 weeks ago

A vulnerability was found in codesupplyco Networker Plugin up to 1.2.0 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is traded as CVE-2025-52723. It is possible to launch the attack remotely. There is no exploit available.

vuldb.com

CVE-2025-49448 | Fastw3b FW Food Menu Plugin up to 6.0.0 on WordPress path traversal

Vuldb Updates

8 months 4 weeks ago

A vulnerability has been found in Fastw3b FW Food Menu Plugin up to 6.0.0 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal. This vulnerability is known as CVE-2025-49448. The attack can be launched remotely. There is no exploit available.

vuldb.com

CVE-2025-49885 | HaruTheme Drag and Drop Multiple File Upload Plugin up to 5.0.6 on WordPress unrestricted upload

Vuldb Updates

8 months 4 weeks ago

A vulnerability was found in HaruTheme Drag and Drop Multiple File Upload Plugin up to 5.0.6 on WordPress and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2025-49885. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2025-50052 | flexostudio Flexo Counter Plugin up to 1.0001 on WordPress cross site scripting

Vuldb Updates

8 months 4 weeks ago

A vulnerability classified as problematic was found in flexostudio Flexo Counter Plugin up to 1.0001 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-50052. The attack can be launched remotely. There is no exploit available.

vuldb.com

CVE-2025-52724 | BoldThemes Amwerk Plugin up to 1.2.0 on WordPress deserialization

Vuldb Updates

8 months 4 weeks ago

A vulnerability was found in BoldThemes Amwerk Plugin up to 1.2.0 on WordPress. It has been classified as critical. Affected is an unknown function. The manipulation leads to deserialization. This vulnerability is traded as CVE-2025-52724. It is possible to launch the attack remotely. There is no exploit available.

vuldb.com

Aggregator

Managed ad