Aggregator

Submit #631923 / VDB-320901

A vulnerability, which was classified as critical, was found in Cockroach Labs cockroach-k8s-request-cert. This issue affects some unknown processing. Executing manipulation can lead to improper authentication. This vulnerability is handled as CVE-2025-9276. The attack can be executed remotely. There is not any exploit available.

A vulnerability, which was classified as critical, has been found in Oxford Instruments Imaris Viewer. This vulnerability affects unknown code of the component IMS File Parser. Performing manipulation results in uninitialized pointer. This vulnerability is known as CVE-2025-9274. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability classified as critical was found in Oxford Instruments Imaris Viewer. This affects an unknown part of the component IMS File Parser. Such manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2025-9275. The attack may be launched remotely. There is no exploit available.

图：2025年7月8日报道截图。一场隐秘但震撼的军事变革正在T海悄然上演。

当前环境出现异常状态，需完成验证后方可继续访问。

当前环境出现异常，请完成验证后继续访问。

A vulnerability classified as critical has been found in Ubiquiti UISP Application up to 2.4.219. Affected by this issue is some unknown functionality. This manipulation causes server-side request forgery. This vulnerability appears as CVE-2025-27217. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.

文章探讨了企业级单点登录（SSO）如何简化教育机构的数字访问流程。通过一次登录即可访问所有系统，减少密码疲劳和时间浪费，同时提升安全性和效率。SSO不仅方便师生使用各类平台，还能快速管理权限变更，并降低IT支持压力。尽管实施需规划和培训，但其带来的无缝体验对教育环境至关重要。

Discover how Enterprise SSO simplifies digital access for students and staff, cuts login frustration, and reduces IT load without compromising security or usability

The post Enterprise SSO for Schools: Simplifying Staff and Student Access appeared first on Security Boulevard.

A vulnerability described as problematic has been identified in browserify cipher-base up to 1.0.4. Affected by this vulnerability is an unknown functionality. The manipulation results in improper input validation. This vulnerability is reported as CVE-2025-9287. The attack can be launched remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability marked as problematic has been reported in browserify sha.js up to 2.4.11. Affected is an unknown function. The manipulation leads to improper input validation. This vulnerability is documented as CVE-2025-9288. The attack can be initiated remotely. There is not any exploit available. To fix this issue, it is recommended to deploy a patch.

A vulnerability labeled as critical has been found in Ubiquiti UISP Application up to 2.4.219. This impacts an unknown function. Executing manipulation can lead to permission issues. This vulnerability is registered as CVE-2025-27216. The attack requires access to the local network. No exploit is available. The affected component should be upgraded.

A vulnerability identified as problematic has been detected in Intermesh Group-Office up to 6.8.118/25.0.19. This affects an unknown function. Performing manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2025-53504. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability categorized as critical has been discovered in Ubiquiti UniFi Connect EV Station Pro up to 1.5.26. The impacted element is an unknown function. Such manipulation leads to missing authentication. This vulnerability is listed as CVE-2025-27214. The attack must be carried out from within the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability was found in Intermesh Group-Office up to 6.8.118/25.0.19. It has been rated as critical. The affected element is an unknown function. This manipulation causes path traversal. This vulnerability is tracked as CVE-2025-53505. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability was found in ProveSource Social Proof Plugin up to 3.0.5 on WordPress. It has been declared as problematic. Impacted is an unknown function. The manipulation results in exposure of sensitive system information to an unauthorized control sphere. This vulnerability is identified as CVE-2025-48355. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in Ubiquiti EdgeMAX EdgeSwitch up to 1.11.0. It has been classified as critical. This issue affects some unknown processing. The manipulation leads to command injection. This vulnerability is referenced as CVE-2025-48978. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability was found in Ubiquiti UniFi Connect Display Cast, UniFi Connect Display Cast Pro and UniFi Connect Display Cast Lite up to 1.10.6 and classified as critical. This vulnerability affects unknown code. Executing manipulation can lead to improper access controls. The identification of this vulnerability is CVE-2025-27215. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.