CVE-2025-46338 | advplyr audiobookshelf up to 2.20.x Error Message /api/upload libraryId cross site scripting
A vulnerability was found in advplyr audiobookshelf up to 2.20.x. It has been classified as problematic. Affected is an unknown
Read MoreMonth: April 2025
CVE-2025-46343 | n8n-io n8n up to 1.89.x Attachments View Endpoint cross site scripting
A vulnerability was found in n8n-io n8n up to 1.89.x. It has been declared as problematic. Affected by this vulnerability
Read MoreCVE-2025-4056 | GNU C Library up to 2.84.0 on Windows Command Line denial of service
A vulnerability was found in GNU C Library up to 2.84.0 on Windows. It has been rated as problematic. Affected
Read MoreCVE-2025-4058 | Projectworlds Online Examination System 1.0 /Bloodgroop_process.php Pat_BloodGroup1 sql injection
A vulnerability classified as critical has been found in Projectworlds Online Examination System 1.0. This affects an unknown part of
Read MoreCVE-2025-4059 | code-projects Prison Management System 1.0 Prison_Mgmt_Sys addrecord filename stack-based overflow
A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of
Read MoreCVE-2025-4060 | PHPGurukul Notice Board System 1.0 /category.php catname sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Notice Board System 1.0. This issue affects some
Read MoreCVE-2025-4061 | code-projects Clothing Store Management System up to 1.0 add_item st.productname stack-based overflow
A vulnerability, which was classified as critical, was found in code-projects Clothing Store Management System up to 1.0. Affected is
Read MoreRSAC 2025 Keynote: Cisco open-sources AI security tools
Facing surging attacks and an unpredictable AI future, Cisco, Microsoft, Trellix, and RSAC leadership call for a fundamental rethinking of
Read More
Cookie-Bite
A Varonis Threat Labs ismerteti a Cookie-Bite nevű támadási technikát, amely lehetővé teszi a támadók számára, hogy ellopott böngésző cookie-k
Read MoreVeriSource cops to 4 million accounts lost in 2024 data breach
VSI, VeriSource’s parent company, said the investigation and notification process took over a year.SCM feed for Endpoint/Device SecurityRead More
Read More