Aggregator

Apache Traffic Server Vulnerability Allows DoS Attacks Through Memory Exhaustion

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
10 months 2 weeks ago

A newly disclosed vulnerability in Apache Traffic Server (ATS) has raised serious concerns among enterprise users and cloud providers, as attackers can exploit a flaw in the Edge Side Includes (ESI) plugin to trigger denial-of-service (DoS) attacks by exhausting server memory. The vulnerability, tracked as CVE-2025-49763, affects multiple versions of ATS and has prompted urgent […]

The post Apache Traffic Server Vulnerability Allows DoS Attacks Through Memory Exhaustion appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2025-6270 | HDF5 up to 1.14.6 H5FSsection.c H5FS__sect_find_node heap-based overflow (Issue 5580)

VulDB Recent Entries
10 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FS__sect_find_node of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2025-6270. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-6269 | HDF5 up to 1.14.6 H5Cimage.c H5C__reconstruct_cache_entry heap-based overflow (Issue 5579)

VulDB Recent Entries
10 months 2 weeks ago
A vulnerability classified as critical was found in HDF5 up to 1.14.6. Affected by this vulnerability is the function H5C__reconstruct_cache_entry of the file H5Cimage.c. The manipulation leads to heap-based buffer overflow. This vulnerability is known as CVE-2025-6269. Attacking locally is a requirement. Furthermore, there is an exploit available.
vuldb.com

石油巨头面临首宗气候死亡诉讼

Solidot
10 months 2 weeks ago
2021 年 6 月 28 日,一股热浪席卷西雅图,气温升至创该市记录的 42 摄氏度。当天 Juliana Leon 被发现昏迷在车内,不久后因体温过高(Hyperthermia)而死亡。现在她的女儿 Misti Leon 向华盛顿的一家法庭起诉了包括埃克森美孚、雪佛龙、壳牌和英国石油在内的七家石油和天然气公司,指控这些公司过失致死(wrongful death)。她声称这些公司通过生产销售化石燃料,加剧了导致她母亲死亡的极端高温。起诉书称,这些公司几十年来一直知道其“化石燃料产品在改变地球大气层”。诉讼指控这些公司创造了一种“依赖化石燃料的经济”,导致“更频繁、更具破坏性的天气灾害以及可预见的人员伤亡”。归因科学研究认定,如果没有人为气候变化,2021 年的热浪“几乎不可能发生”。诉讼寻求赔偿,并为开展关于化石燃料在全球暖化中作用的公众教育活动提供资金。

CVE-2025-6268 | Luna Imaging up to 7.5.5.6 search q cross site scripting

VulDB Recent Entries
10 months 2 weeks ago
A vulnerability classified as problematic has been found in Luna Imaging up to 7.5.5.6. Affected is an unknown function of the file /luna/servlet/view/search. The manipulation of the argument q leads to cross site scripting. This vulnerability is traded as CVE-2025-6268. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6267 | zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 barcodeDetail sql injection

VulDB Recent Entries
10 months 2 weeks ago
A vulnerability was found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /adpweb/a/base/barcodeDetail/. The manipulation of the argument barcodeNo/barcode/itemNo leads to sql injection. The identification of this vulnerability is CVE-2025-6267. The attack may be initiated remotely. There is no exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2025-6266 | FLIR AX8 up to 1.46 /upload.php File unrestricted upload

VulDB Recent Entries
10 months 2 weeks ago
A vulnerability was found in FLIR AX8 up to 1.46. It has been declared as critical. This vulnerability affects unknown code of the file /upload.php. The manipulation of the argument File leads to unrestricted upload. This vulnerability was named CVE-2025-6266. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

Managed ad