==========================
== Gharib Personal Blog ==
==========================
A Techi Personal Blog

CVE-2025-2198 - CVE-2020-13143 Apache Struts Command Injection

CVE-2025-2198 - CVE-2020-13143 Apache Struts Command Injection

CVE ID : CVE-2025-2198 Published : March 20, 2025, 11:15 p.m. | 6 hours, 43 minutes ago Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-2198
Published : March 20, 2025, 11:15 p.m. | 6 hours, 43 minutes ago
Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Read more...

Former University of Michigan Football Quarterbacks Coach and Co-Offensive Coordinator Indicted on Charges of Unauthorized Access to Computers and Aggravated Identity Theft

Former University of Michigan Football Quarterbacks Coach and Co-Offensive Coordinator Indicted on Charges of Unauthorized Access to Computers and Aggravated Identity Theft

DETROIT – Former University of Michigan Co-Offensive Coordinator Matthew Weiss—age 42, of Ann Arbor—was charged today in a 24-count indictment alleging 14 counts of unauthorized access to computers and 10 counts of aggravated identity theft, Acting United States Attorney Julie A. Beck announced. Beck was joined in the announcement by Cheyvoryea

Read more...

Backyard Rope Tow from Spare Parts

Backyard Rope Tow from Spare Parts

A few years ago, [Jeremy Makes Things] built a rope tow in his back yard so his son could ski after school. Since the lifts at the local hill closed …read more

A few years ago, [Jeremy Makes Things] built a rope tow in his back yard so his son could ski after school. Since the lifts at the local hill closed …read more

Read more...

CVE-2025-30334 - OpenBSD wg4 Kernel Crash Vulnerability

CVE-2025-30334 - OpenBSD wg4 Kernel Crash Vulnerability

CVE ID : CVE-2025-30334 Published : March 20, 2025, 9:15 p.m. | 8 hours, 43 minutes ago Description : In OpenBSD 7.6 before errata 006 and OpenBSD 7.5 before errata 015, traffic sent over wg(4) could result in kernel crash. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected

CVE ID : CVE-2025-30334
Published : March 20, 2025, 9:15 p.m. | 8 hours, 43 minutes ago
Description : In OpenBSD 7.6 before errata 006 and OpenBSD 7.5 before errata 015, traffic sent over wg(4) could result in kernel crash.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Read more...

CVE-2025-2538 - Esri ArcGIS Enterprise Portal Password Recovery Exploitation Vulnerability

CVE-2025-2538 - Esri ArcGIS Enterprise Portal Password Recovery Exploitation Vulnerability

CVE ID : CVE-2025-2538 Published : March 20, 2025, 9:15 p.m. | 1 day, 17 hours ago Description : A specific type of ArcGIS Enterprise deployment is vulnerable to a Password Recovery Exploitation vulnerability in Portal that could allow an attacker to reset the password on the built in-admin account. Severity: 9.8 | CRITICAL Visit

CVE ID : CVE-2025-2538
Published : March 20, 2025, 9:15 p.m. | 1 day, 17 hours ago
Description : A specific type of ArcGIS Enterprise deployment is vulnerable to a Password Recovery Exploitation vulnerability in Portal that could allow an attacker to reset the password on the built in-admin account.
Severity: 9.8 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Read more...

CVE-2025-2574 - Xpdf Out-of-bounds Array Write Vulnerability

CVE-2025-2574 - Xpdf Out-of-bounds Array Write Vulnerability

CVE ID : CVE-2025-2574 Published : March 20, 2025, 9:15 p.m. | 8 hours, 43 minutes ago Description : Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,

CVE ID : CVE-2025-2574
Published : March 20, 2025, 9:15 p.m. | 8 hours, 43 minutes ago
Description : Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Read more...

CVE-2025-25758 - KukuFM Android Backup Data Exposure

CVE-2025-25758 - KukuFM Android Backup Data Exposure

CVE ID : CVE-2025-25758 Published : March 20, 2025, 9:15 p.m. | 8 hours, 43 minutes ago Description : An issue in KukuFM Android v1.12.7 (11207) allows attackers to access sensitive cleartext data via the android:allowBackup=“true” in the ANdroidManifest.xml Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products,

CVE ID : CVE-2025-25758
Published : March 20, 2025, 9:15 p.m. | 8 hours, 43 minutes ago
Description : An issue in KukuFM Android v1.12.7 (11207) allows attackers to access sensitive cleartext data via the android:allowBackup=“true” in the ANdroidManifest.xml
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Read more...

Security Researcher Comments on HIPAA Security Rule

Security Researcher Comments on HIPAA Security Rule

As long-time readers know, DataBreaches has occasionally run into difficulties when trying to helpfully notify entities of their data leaks or breaches. In other cases, independent researchers have also reported frustration with trying to get entities to respond to responsible disclosures. More often than not, initial attempts at disclosure are

As long-time readers know, DataBreaches has occasionally run into difficulties when trying to helpfully notify entities of their data leaks or breaches. In other cases, independent researchers have also reported frustration with trying to get entities to respond to responsible disclosures. More often than not, initial attempts at disclosure are ignored or go to spam…

Read more...

CVE-2025-26852 - DESCOR InfoCad SQL Injection Vulnerability

CVE-2025-26852 - DESCOR InfoCad SQL Injection Vulnerability

CVE ID : CVE-2025-26852 Published : March 20, 2025, 8:15 p.m. | 9 hours, 43 minutes ago Description : DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 allows SQL Injection. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-26852
Published : March 20, 2025, 8:15 p.m. | 9 hours, 43 minutes ago
Description : DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 allows SQL Injection.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Read more...

CVE-2025-26853 - DESCOR InfoCAD Authentication Bypass Vulnerability

CVE-2025-26853 - DESCOR InfoCAD Authentication Bypass Vulnerability

CVE ID : CVE-2025-26853 Published : March 20, 2025, 8:15 p.m. | 9 hours, 43 minutes ago Description : DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 has a broken authorization schema. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-26853
Published : March 20, 2025, 8:15 p.m. | 9 hours, 43 minutes ago
Description : DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 has a broken authorization schema.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Read more...
Previous Page 15 of 576 Next Page