
4108 matches found

GithubExploit
added 2025/10/20 1:47 p.m. | 218 views

Exploit for Deserialization of Untrusted Data in Google Android

Project Documentation Official QQ Group: 745307987 Although P...

7.8 CVSS | 5.8 AI score | 0.00779 EPSS
Exploits: 12

EUVD
added 2025/10/20 12:30 a.m. | 2 views

EUVD-2025-35011

A weakness has been identified in bftpd up to 6.2. Impacted is the function expandgroups of the file options.c of the component Configuration File Handler. Executing manipulation can lead to heap-based buffer overflow. It is possible to launch the attack on the local host. Attacks of this nature...

4.5 CVSS | 6 AI score | 0.00165 EPSS
Exploits: 0 | References: 5

NVD
added 2025/10/19 10:15 p.m. | 5 views

CVE-2025-11947

A weakness has been identified in bftpd up to 6.2. Impacted is the function expandgroups of the file options.c of the component Configuration File Handler. Executing a manipulation can lead to heap-based buffer overflow. It is possible to launch the attack on the local host. Attacks of this natur...

4.5 CVSS | 0.00165 EPSS
Exploits: 0 | References: 4

CVE
added 2025/10/19 10:2 p.m. | 13 views

CVE-2025-11947

CVE-2025-11947 affects bftpd up to version 6.2. The vulnerability is a heap-based overflow in the expand_groups function of options.c within the Configuration File Handler. Exploitation requires local access (attack vector: LOCAL) with HIGH complexity and LOW privileges, as described in the sourc...

4.5 CVSS | 4.8 AI score | 0.00165 EPSS
Exploits: 0 | References: 4

Cvelist
added 2025/10/19 10:2 p.m. | 12 views

CVE-2025-11947 bftpd Configuration File options.c expand_groups heap-based overflow

A weakness has been identified in bftpd up to 6.2. Impacted is the function expandgroups of the file options.c of the component Configuration File Handler. Executing a manipulation can lead to heap-based buffer overflow. It is possible to launch the attack on the local host. Attacks of this natur...

4.5 CVSS | 0.00165 EPSS
Exploits: 0 | References: 4

ATTACKERKB
added 2025/10/19 10:2 p.m. | 23 views

CVE-2025-11947

A weakness has been identified in bftpd up to 6.2. Impacted is the function expandgroups of the file options.c of the component Configuration File Handler. Executing a manipulation can lead to heap-based buffer overflow. It is possible to launch the attack on the local host. Attacks of this natur...

4.5 CVSS | 5.2 AI score | 0.00165 EPSS
Exploits: 0 | References: 4

Vulnrichment
added 2025/10/19 10:2 p.m. | 5 views

CVE-2025-11947 bftpd Configuration File options.c expand_groups heap-based overflow

A weakness has been identified in bftpd up to 6.2. Impacted is the function expandgroups of the file options.c of the component Configuration File Handler. Executing a manipulation can lead to heap-based buffer overflow. It is possible to launch the attack on the local host. Attacks of this natur...

4.5 CVSS | 4.8 AI score | 0.00165 EPSS
Exploits: 0 | References: 4

CNNVD
added 2025/10/19 12:0 a.m. | 2 views

bftpd security vulnerability

Bftpd is an FTP (File Transfer Protocol) server. A security vulnerability exists in bftpd 6.2 and earlier versions, which originates from a heap buffer overflow in the function expandgroups in the file options.c of the component Configuration File Handler, which could lead to a localhost attack...

4.5 CVSS | 5.2 AI score | 0.00165 EPSS
Exploits: 0 | References: 5

RedhatCVE
added 2025/10/16 3:19 p.m. | 4 views

CVE-2025-62400

Moodle exposed the names of hidden groups to users who had permission to create calendar events but not to view hidden groups. This could reveal private or restricted group information...

4.3 CVSS | 6.7 AI score | 0.00225 EPSS
Exploits: 0 | References: 2

NVD
added 2025/10/15 2:15 p.m. | 4 views

CVE-2025-60016

When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions...

8.7 CVSS | 0.00405 EPSS
Exploits: 0 | References: 1

Securelist
added 2025/10/14 10:0 a.m. | 4 views

Signal in the noise: what hashtags reveal about hacktivism in 2025

What do hacktivist campaigns look like in 2025? To answer this question, we analyzed more than 11,000 posts produced by over 120 hacktivist groups circulating across both the surface web and the dark web, with a particular focus on groups targeting MENA countries. The primary goal of our research...

6.8 AI score
Exploits: 0

Spring Security Advisories
added 2025/10/14 12:0 a.m. | 5 views

Introducing Share Consumer Support (Kafka Queues) in Spring for Apache Kafka

Continuing our Road to GA series, this week we're exploring Share Groups in Apache Kafka 4.0.0 and their integration in Spring for Apache Kafka 4.0.0 - a feature that fundamentally expands how we can consume messages from Kafka topics. When we first start working with Kafka, the mental model is...

6.8 AI score
Exploits: 0

Veeam
added 2025/10/14 12:0 a.m. | 35 views

Veeam Agent for Microsoft Windows 6.3.2.1302 Private Fix Deployment Information

Article Applicability This article documents the Veeam Agent for Microsoft Windows private fix deployment procedure for customers who have recently installed Veeam Backup & Replication 12.3.2.4165 Patch. That patch to Veeam Backup & Replication includes a private fix for Veeam Agent for Microsoft...

6.5 AI score
Exploits: 0 | Affected Software: 1

Imperva Blog
added 2025/10/13 10:29 p.m. | 11 views

CVE-2025-61882: Imperva Customers Protected Against Critical Oracle EBS Zero-Day RCE

TL;DR: In early October 2025, Oracle released an emergency security alert addressing CVE-2025-61882, a high-severity unauthenticated remote code execution (RCE) vulnerability in the Concurrent Processing / BI Publisher Integration component of Oracle E-Business Suite (EBS) versions 12.2.3 through...

9.8 CVSS | 9.3 AI score | 0.99722 EPSS
Exploits: 13

OSV
added 2025/10/13 3:55 p.m. | 2 views

CLSA-2025-1760370936 Fix CVE(s): CVE-2021-3738

SECURITY UPDATE: improper handling of association groups can lead to use-after-free vulnerability - debian/patches/CVE-2021-3738.patch: Fix routines for preparing service before handling CVE-2021-3738 - debian/patches/CVE-2021-3738-1.patch: Fix DsBindAssocGroupAdmin to use admin credentials for...

8.8 CVSS | 7.1 AI score | 0.01843 EPSS
Exploits: 0 | References: 1

CVE
added 2025/10/13 7:32 a.m. | 12 views

CVE-2025-11672

CVE-2025-11672 concerns Uniweb/SoliPACS WebServer by EBM Technologies with a Missing Authentication vulnerability that allows unauthenticated remote access to a page exposing user group names. Affected component: web server software; root cause described as missing authentication/authorization on...

6.9 CVSS | 6.7 AI score | 0.00347 EPSS
Exploits: 0 | References: 2

CNNVD
added 2025/10/13 12:0 a.m. | 3 views

EBM Uniweb/SoliPACS WebServer access control error vulnerability

EBM Uniweb/SoliPACS WebServer is a medical image archiving and communication system from Enterprise Business Machine (EBM), Inc. of Taiwan, China. An access control error vulnerability exists in the EBM Uniweb/SoliPACS WebServer that stems from a lack of authentication and could allow an...

6.9 CVSS | 6.9 AI score | 0.00347 EPSS
Exploits: 0 | References: 2

The Hacker News
added 2025/10/08 12:4 p.m. | 2 views

LockBit, Qilin, and DragonForce Join Forces to Dominate the Ransomware Ecosystem

Three prominent ransomware groups DragonForce, LockBit, and Qilin have announced a new strategic ransomware alliance, once again underscoring continued shifts in the cyber threat landscape. The coalition is seen as an attempt on the part of the financially motivated threat actors to conduct more...

6.7 AI score
Exploits: 0

HackRead
added 2025/10/08 11:28 a.m. | 5 views

OpenAI Finds Growing Exploitation of AI Tools by Foreign Threat Groups

OpenAI's new report warns hackers are combining multiple AI tools for cyberattacks, scams, and influence ops linked to China, Russia, and North Korea...

7.1 AI score
Exploits: 0

The Hacker News
added 2025/10/08 7:16 a.m. | 9 views

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

OpenAI on Tuesday said it disrupted three activity clusters for misusing its ChatGPT artificial intelligence (AI) tool to facilitate malware development. This includes a Russian-language threat actor, who is said to have used the chatbot to help develop and refine a remote access trojan (RAT), a...

7.3 AI score
Exploits: 0