An unlimited recursion in DxeCore in EDK II.

...

NVIDIA Mellanox DPDK 竞争条件问题漏洞

NVIDIA Mellanox DPDK is a data plane development kit from NVIDIA. NVIDIA Mellanox DPDK suffers from a Competitive Condition Issue vulnerability that stems from the Poll Mode Driver could lead to information disclosure and denial of service attacks...

PT-2025-35819

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description The vulnerability is a BYOVD Bring Your Own Vulnerable Driver case involving a kernel driver with unrestricted process termination capabilities. This allows...

Sunnet eHRD CTMS 跨站脚本漏洞

Sunnet eHRD CTMS is a Human Resource Development and Clinical Training Management System from Sunnet China Sunnet. A cross-site scripting vulnerability exists in Sunnet eHRD CTMS that stems from a reflective cross-site scripting issue that could lead to arbitrary JavaScript code execution...

Sunnet eHRD CTMS 跨站脚本漏洞

Sunnet eHRD CTMS is a Human Resource Development and Clinical Training Management System from Sunnet China Sunnet. A cross-site scripting vulnerability exists in Sunnet eHRD CTMS that stems from a reflective cross-site scripting issue that could lead to arbitrary JavaScript code execution...

Linux Distros Unpatched Vulnerability : CVE-2025-48068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. In versions starting from 13.0 to before 14.2.30 and 15.0.0 to before 15.2.2, Next.js may...

Linux Distros Unpatched Vulnerability : CVE-2025-27607

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Python JSON Logger is a JSON Formatter for Python Logging. Between 30 December 2024 and 4 March 2025 Python JSON Logger was vulnerable to RCE through a missing...

Exploit for Improper Input Validation in Rubyonrails Rails

🔐 Black Box Penetration Test on DVWA This repository document...

Malicious code in phone-feature-sdk (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-41591 Malicious code in phone-feature-sdk (npm)

--- -= Per source details. Do not edit below this line.=-...

MAL-2025-41804 Malicious code in zlib1g-dev (PyPI)

--- -= Per source details. Do not edit below this line.=-...

The Era of AI-Generated Ransomware Has Arrived

Cybercriminals are increasingly using generative AI tools to fuel their attacks, with new research finding instances of AI being used to develop ransomware...

JetBrains IntelliJ IDEA HTML Injection Vulnerability

JetBrains IntelliJ IDEA is an integrated development environment IDE developed by JetBrains , designed to improve developer productivity and code quality , mainly for Java programming , but also supports Kotlin, Web, Spring and other languages and frameworks . JetBrains IntelliJ IDEA suffers from...

Linux Distros Unpatched Vulnerability : CVE-2019-20166

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20191109. There is a NULL pointer dereference in the function gfisomdump in...

CVE-2025-36729 RACOM M!DGE2 Privilege Escalation via SDK Testing Endpoint

A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid...

Securing and governing the rise of autonomous agents​​

In this blog, you will hear directly from Corporate Vice President and Deputy Chief Information Security Officer CISO for Identity, Igor Sakhnov, about how to secure and govern autonomous agents. This blog is part of a new ongoing series where our Deputy CISOs share their thoughts on what is most...

Photon OS 4.0: Openjdk21 PHSA-2025-4.0-0860

An update of the openjdk21 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0860. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Openjdk21 PHSA-2025-5.0-0600

An update of the openjdk21 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0600. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

How to Streamline Your Game Development Process: 4 Smart Solutions

Development teams worldwide spend countless hours wrestling with the same persistent challenges: tight deadlines, resource constraints, and the…...

Top EdTech Apps Delivering AI Skills

“AI isn’t coming, it’s already here. The question is, are you ready?” That’s the brutal reality of a…...