238 matches found
Nexar dashcam video database hacked
A hacker cracked into a database of video recordings taken from Nexar-branded cameras, which are built to be placed drivers’ cars, according to a new report from 404 Media. Nexar is a dashcam company that promotes its products as “virtual CCTV cameras” and offers automatic cloud uploads of critic...
AZL-73836 CVE-2025-38685 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...
BIT-MOODLE-2025-26527 Non-searchable tags can still be discovered on the tag search page and in the tags block
Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block...
SpectraSentinel: LightWeight Dual-Stream Real-Time Drone Detection, Tracking and Payload Identification
The proliferation of drones in civilian airspace has raised urgent security concerns, necessitating robust real-time surveillance systems. In response to the 2025 VIP Cup challenge tasks - drone detection, tracking, and payload identification - we propose a dual-stream drone monitoring framework...
The vulnerability of DevTools components in Google Chrome allows a hacker to execute arbitrary code.
The vulnerability of DevTools components in Google Chrome browsers is related to an incorrect limitation on the visible layers of the user interface. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...
Restricted Boltzmann Machine As a Probabilistic Enigma
We theoretically propose a symmetric encryption scheme based on Restricted Boltzmann Machines that functions as a probabilistic Enigma device, encoding information in the marginal distributions of visible states while utilizing bias permutations as cryptographic keys. Theoretical analysis reveals...
Client-Side Zero-Shot LLM Inference for Comprehensive In-Browser URL Analysis
Malicious websites and phishing URLs pose an ever-increasing cybersecurity risk, with phishing attacks growing by 40% in a single year. Traditional detection approaches rely on machine learning classifiers or rule-based scanners operating in the cloud, but these face significant challenges in...
CVE-2023-0897
Sielco PolyEco1000 is vulnerable to a session hijack vulnerability due to the cookie being vulnerable to a brute force attack, lack of SSL, and the session being visible in requests...
Backdoor Attacks against Patch-Based Mixture of Experts
As Deep Neural Networks DNNs continue to require larger amounts of data and computational power, Mixture of Experts MoE models have become a popular choice to reduce computational complexity. This popularity increases the importance of considering the security of MoE architectures. Unfortunately,...
CVE-2025-22031 PCI/bwctrl: Fix NULL pointer dereference on bus number exhaustion
In the Linux kernel, the following vulnerability has been resolved: PCI/bwctrl: Fix NULL pointer dereference on bus number exhaustion When BIOS neglects to assign bus numbers to PCI bridges, the kernel attempts to correct that during PCI device enumeration. If it runs out of bus numbers, no pcibu...
CVE-2025-22031 PCI/bwctrl: Fix NULL pointer dereference on bus number exhaustion
In the Linux kernel, the following vulnerability has been resolved: PCI/bwctrl: Fix NULL pointer dereference on bus number exhaustion When BIOS neglects to assign bus numbers to PCI bridges, the kernel attempts to correct that during PCI device enumeration. If it runs out of bus numbers, no pcibu...
CVE-2025-26902
creationtimestamp| type| source ---|---|--- 2025-04-09 19:48:20+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11145 2025-04-09 23:38:03+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmg5uwdtkp2v...
CVE-2025-31498
creationtimestamp| type| source ---|---|--- 2025-04-08 13:18:29+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lmcks5r5in2l 2025-04-08 17:22:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmcygf2jk52q 2025-04-08 18:10:50+00:00| seen|...
The vulnerability of Google Chrome’s user interface allows a perpetrator to replace the user interface.
The vulnerability of Google Chrome’s user interface is related to an improper limitation on the visible layers of the user interface. Exploiting this vulnerability allows a malicious actor to replace the user interface with a specially created HTML page...
PT-2025-7783 · Red Os · Red Os
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A security issue allows users to discover tags that are not expected to be visible to them. This can occur through the tag search page or in the tags block. Recommendations: At the moment,...
CERTFR-2024-CTI-008
creationtimestamp| type| source ---|---|--- 2025-02-17 08:59:02+00:00| seen| https://bsky.app/profile/test-cvp.bsky.social/post/3lieey7bo6b2z...
CVE-2025-0015
creationtimestamp| type| source ---|---|--- 2025-02-03 10:30:20+00:00| seen| https://infosec.exchange/users/cve/statuses/113939488441683419 2025-02-03 11:15:25+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhbg36tcnx2t 2025-02-03 13:37:48+00:00| seen|...
CERTFR-2020-ALE-001
creationtimestamp| type| source ---|---|--- 2025-01-29 16:32:08+00:00| seen| https://bsky.app/profile/tuxpanik.bsky.social/post/3lgvfgvcjy62y...
PT-2025-37306
Name of the Vulnerable Software and Affected Versions: Zabbix affected versions not specified Description: A Zabbix administrator can inject arbitrary SQL during the autoremoval of hosts. This is achieved by inserting malicious SQL into the Visible name field. Recommendations: At the moment, ther...
PT-2024-17204 · WordPress · Wp Job Portal
Name of the Vulnerable Software and Affected Versions: WP Job Portal plugin versions prior to 2.2.3 Description: The WP Job Portal plugin for WordPress is vulnerable to SQL Injection via the ff parameter of the getFieldsForVisibleCombobox function due to insufficient escaping on the user-supplied...