Aggregator

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon MDM, Snapdragon Mobile, Snapdragon Technology, Snapdragon WBC and Snapdragon Wearables and classified as problematic. This issue affects some unknown processing of the component Hypervisor. The manipulation leads to buffer over-read. The identification of this vulnerability is CVE-2024-43056. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WBC and Snapdragon Wearables. Affected is an unknown function. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-21424. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in thomstark File Away Plugin up to 3.9.9.0.1 on WordPress. This affects the function Upload. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2025-2512. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in thomstark File Away Plugin up to 3.9.9.0.1 on WordPress. Affected is the function ajax. The manipulation leads to risky cryptographic algorithm. This vulnerability is traded as CVE-2025-2539. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in WP Compress Plugin up to 6.20.13 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-47384. The attack can be launched remotely. There is no exploit available.

Native phishing turns trusted tools into attack delivery systems. Varonis shows how attackers weaponize Microsoft 365 apps, like OneNote & OneDrive, to send convincing internal lures and how to spot them before they spread. [...]

根据发表在《The American Journal of Clinical Nutrition》期刊上的一项研究，素食者罹患癌症的风险比肉食者低 12%，纯素食者罹患癌症的风险比肉食者低 24%。研究使用了始于 2002-2007 年的 Adventist Health Study 数据，涉及到 95,863 名北美基督复临安息日会信徒，有 79,468 名信徒最初未患有癌症。基督复临安息日会是基督新教教派之一，推崇素食饮食。结果显示，相比肉食者，素食者整体癌症风险低约 12%，中等发病率癌症的风险降低约 18%。素食者患乳腺癌、结直肠癌、前列腺癌、胃癌和淋巴增生性癌症的风险较低。

In a statement on Monday, Finland’s National Prosecution Authority said they had brought aggravated criminal mischief and aggravated interference with communications charges against the three senior officers aboard the Eagle S, a tanker registered in the Cook Islands.

A vulnerability was found in User Language Switch Plugin up to 1.6.10 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-49064. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in WP-jScrollPane Plugin up to 2.0.3 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-49062. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Porn Videos Embed Plugin up to 0.9.1 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-49061. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Cost Calculator Plugin up to 7.4 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-54046. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Rentsyst Plugin up to 2.0.100 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-48152. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in PhpTax 0.8. Affected by this vulnerability is the function exec of the file drawimage.php. The manipulation of the argument pfilez leads to os command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is known as CVE-2012-10037. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Visit Counter Plugin up to 1.0 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-49065. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Openfiler 2.x. It has been rated as critical. This issue affects the function exec of the file system.html. The manipulation of the argument device leads to os command injection. This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2012-10040. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Auxilium RateMyPet. It has been declared as critical. This vulnerability affects unknown code of the file upload_banners.php. The manipulation leads to unrestricted upload. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2012-10038. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in ZEN Load Balancer 2.0/3.0-rc1. It has been classified as critical. This affects the function exec of the file content2-2.cgi. The manipulation of the argument filelog leads to os command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is uniquely identified as CVE-2012-10039. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Multimedia Playlist Slider Addon for WPBakery Page Builder Plugin up to 2.1 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-48154. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in 多说社会化评论框 Plugin up to 1.2 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2025-49056. The attack can be launched remotely. There is no exploit available.