40441 matches found
PT-2025-27474 · Unknown · Filebrowser
Name of the Vulnerable Software and Affected Versions: File Browser versions 2.32.0 and prior Description: The issue concerns the implementation of password-protected links in File Browser, which is error-prone and can result in potential unprotected sharing of a file through a direct download...
FileBrowser Security Vulnerability
FileBrowser is an open source web file browser. It provides a file management interface in a specified directory and can be used to upload, delete, preview, rename and edit your files. FileBrowser has a security vulnerability that stems from an improper implementation of password-protected links,...
Important Photon OS Security Update - PHSA-2025-5.0-0544
Updates of 'sudo' packages of Photon OS have been released...
AZL-64434 CVE-2025-6818 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability, which was classified as problematic, was found in HDF5 1.14.6. Affected is the function H5Ochunkprotect of the file /src/H5Ochunk.c. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may ...
PT-2025-27282 · Ibm · Ibm Datacap
Name of the Vulnerable Software and Affected Versions: IBM Datacap versions 9.1.7 through 9.1.9 Description: The issue is related to the improper handling of authorization tokens and session cookies, as the software does not set the secure attribute on these cookies or tokens. Attackers may be ab...
CVE-2025-52576
Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard is vulnerable to username enumeration and IP spoofing-based brute-force protection bypass. By analyzing login behavior and abusing trusted HTTP headers, an attacker can determine vali...
The vulnerability of Mozilla Firefox’s Content Security Policy mechanism allows attackers to circumvent security restrictions and gain unauthorized access to protected information.
The vulnerability of Mozilla Firefox’s Content Security Policy mechanism is related to insufficient protection of service data. Exploiting this vulnerability can allow an attacker to bypass security restrictions and gain unauthorized access to protected information...
How to Build an Effective Security Awareness Program
This is a step-by-step guide to build a strong security awareness and training program that empowers your employees and protects your business...
CVE-2025-52471
ESP-IDF is the Espressif Internet of Things (IoT) Development Framework. An integer underflow vulnerability has been identified in the ESP-NOW protocol implementation within the ESP Wi-Fi component of versions 5.4.1, 5.3.3, 5.2.5, and 5.1.6 of the ESP-IDF framework. This issue stems from insufficie...
Why the Do Not Call Registry doesn’t work
The “Do Not Call Registry” receives a lot of hate online for failing to do its job: Stop calls. “What’s the point of being on the Do Not Call list?” wrote one user on Reddit who shared a screenshot of ten declined phone calls received across one week. Though already registered with the Do Not Cal...
White House Bans WhatsApp
Reuters is reporting that the White House has banned WhatsApp on all employee devices: The notice said the "Office of Cybersecurity has deemed WhatsApp a high risk to users due to the lack of transparency in how it protects user data, absence of stored data encryption, and potential security risk...
The Hidden Risks of SaaS: Why Built-In Protections Aren't Enough for Modern Data Resilience
SaaS Adoption is Skyrocketing, Resilience Hasn't Kept Pace SaaS platforms have revolutionized how businesses operate. They simplify collaboration, accelerate deployment, and reduce the overhead of managing infrastructure. But with their rise comes a subtle, dangerous assumption: that the...
Multiple vulnerabilities in multiple BROTHER products
Overview Multiple BROTHER products provided by BROTHER INDUSTRIES, LTD. contain multiple vulnerabilities listed below. Exposure of sensitive system information to an unauthorized control sphere CWE-497 - CVE-2024-51977 Use of weak credentials CWE-1391 - CVE-2024-51978 Stack-based buffer overflow...
Protecting Business Data From Unauthorized Encryption Threats
Your business operates in an online environment where unauthorized encryption of data isn't just possible, it's probable. The…...
WhatsApp Adds AI-Powered Message Summaries for Faster Chat Previews
Popular messaging platform WhatsApp has added a new artificial intelligence (AI)-powered feature that leverages its in-house solution Meta AI to summarize unread messages in chats. The feature, called Message Summaries, is currently rolling out in the English language to users in the United States,...
DSA-5951-1 icu - security update
Bulletin has no description...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, which allows attackers to execute XSS attacks.
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability can allow a malicious actor to carry out XSS attacks remotely...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of website structures, which allows attackers to execute XSS attacks.
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to carry out XSS attacks remotely...