CVE-2025-9648

A vulnerability in the CivetWeb library's function mghandleformrequest allows remote attackers to trigger a denial of service DoS condition. By sending a specially crafted HTTP POST request containing a null byte in the payload, the server enters an infinite loop during form data parsing. Multipl...

PT-2025-37100

Name of the Vulnerable Software and Affected Versions: GrandNode versions prior to 2.3.0 Description: A flaw exists in GrandNode up to version 2.3.0 within the Voucher Handler component, specifically in the /checkout/ConfirmOrder/ file. Manipulation of the giftvouchercouponcode argument can trigg...

Aura-CAPTCHA: a Reinforcement Learning and GAN-Enhanced Multi-Modal CAPTCHA System

Aura-CAPTCHA was developed as a multi-modal CAPTCHA system to address vulnerabilities in traditional methods that are increasingly bypassed by AI technologies, such as Optical Character Recognition OCR and adversarial image processing. The design integrated Generative Adversarial Networks GANs fo...

CVE-2024-13978 LibTIFF fax2ps tiff2pdf.c t2p_read_tiff_init null pointer dereference

A vulnerability was found in LibTIFF up to 4.7.0. It has been declared as problematic. Affected by this vulnerability is the function t2preadtiffinit of the file tools/tiff2pdf.c of the component fax2ps. The manipulation leads to null pointer dereference. The attack needs to be approached locally...

CVE-2025-8206

A vulnerability, which was classified as problematic, was found in Comodo Dragon up to 134.0.6998.179. This affects an unknown part of the component IP DNS Leakage Detector. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The complexity of an attack...

PT-2025-30985 · Comodo · Comodo Dragon

Name of the Vulnerable Software and Affected Versions: Comodo Dragon versions up to 134.0.6998.179 Description: A cross-site scripting issue exists in Comodo Dragon’s IP DNS Leakage Detector component. The issue is remotely exploitable, but requires a high level of complexity and is considered...

CVE-2025-7577

A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been classified as problematic. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The complexity of an attack is rather...

CVE-2025-7578

A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been declared as critical. This vulnerability affects the function sendCommand of the file runcmd.sh. The manipulation of the argument cmd leads to command injection. The attack can be initiated remotely...

CVE-2025-7577 Teledyne FLIR FB-Series O/FLIR FH-Series ID hard-coded password

A vulnerability was found in Teledyne FLIR FB-Series O and FLIR FH-Series ID 1.3.2.16. It has been classified as problematic. This affects an unknown part. The manipulation leads to use of hard-coded password. It is possible to initiate the attack remotely. The complexity of an attack is rather...

CVE-2025-7213 FNKvision FNK-GU2 UART Interface on-chip debug and test interface with improper access control

A vulnerability classified as critical has been found in FNKvision FNK-GU2 up to 40.1.7. Affected is an unknown function of the component UART Interface. The manipulation leads to on-chip debug and test interface with improper access control. It is possible to launch the attack on the physical...

CVE-2025-7098

A vulnerability, which was classified as critical, was found in Comodo Internet Security Premium 12.3.4.8162. Affected is an unknown function of the component File Name Handler. The manipulation of the argument name/folder leads to path traversal. It is possible to launch the attack remotely. The...

CVE-2025-7097 Comodo Internet Security Premium Manifest File cis_update_x64.xml os command injection

A vulnerability, which was classified as critical, has been found in Comodo Internet Security Premium 12.3.4.8162. This issue affects some unknown processing of the file cisupdatex64.xml of the component Manifest File Handler. The manipulation of the argument binary/params leads to os command...

CVE-2025-7096 Comodo Internet Security Premium Manifest File cis_update_x64.xml integrity check

A vulnerability classified as critical was found in Comodo Internet Security Premium 12.3.4.8162. This vulnerability affects unknown code of the file cisupdatex64.xml of the component Manifest File Handler. The manipulation leads to improper validation of integrity check value. The attack can be...

CVE-2025-7095 Comodo Internet Security Premium Update certificate validation

A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4.8162. This affects an unknown part of the component Update Handler. The manipulation leads to improper certificate validation. It is possible to initiate the attack remotely. The complexity of an atta...

CVE-2025-6932

CVE-2025-6932 affects D-Link DCS-7517 (firmware up to 2.02.0) due to a vulnerability in the Qlync Password Generation Handler’s function g_F_n_GenPassForQlync in /bin/httpd. The root cause is the use of a hard-coded password, enabling remote initiation of an attack. Public disclosures exist, but ...

Anti-Phishing Training Does Not Work: a Large-Scale Empirical Assessment of Multi-Modal Training Grounded in the NIST Phish Scale

Social engineering attacks using email, commonly known as phishing, are a critical cybersecurity threat. Phishing attacks often lead to operational incidents and data breaches. As a result, many organizations allocate a substantial portion of their cybersecurity budgets to phishing awareness...

CVE-2025-6524

A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects an unknown part of the component Video Services. The manipulation leads to improper authentication. Access to the local network is required for this attack to succeed. The complexity of an attack is...

CVE-2025-5715

A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic. This vulnerability affects unknown code of the component Biometric Authentication Handler. The manipulation leads to missing critical step in authentication. It is possible to launch the attack on the...

SUSE CVE-2025-5647

A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function rconscontextbreakpop in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. The attack needs to be approached locally. The...

CVE-2025-5648

A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity...