Search
News & Updates
CVE ID : CVE-2025-6982
Published : July 16, 2025, 8:15 p.m. | 6 hours, 47 minutes ago
Description : Use of Hard-coded Credentials in TP-Link Archer C50 V3(
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-34118
Published : July 16, 2025, 9:15 p.m. | 5 hours, 47 minutes ago
Description : A path traversal vulnerability exists in Linknat VOS Manager versions prior to 2.1.9.07, including VOS2009 and early VOS3000 builds, that allows unauthenticated remote attackers to read arbitrary files on the server. The vulnerability is accessible via multiple localized subpaths such as ‘/eng/’, ‘/chs/’, or ‘/cht/’, where the ‘js/lang_en_us.js’ or equivalent files are loaded. By injecting encoded traversal sequences such as ‘%c0%ae%c0%ae’ into the request path, attackers can bypass input validation and disclose sensitive files.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-34117
Published : July 16, 2025, 9:15 p.m. | 5 hours, 47 minutes ago
Description : A remote code execution vulnerability exists in multiple Netcore and Netis routers models with firmware released prior to August 2014 due to the presence of an undocumented backdoor listener on UDP port 53413. Exact version boundaries remain undocumented. An unauthenticated remote attacker can send specially crafted UDP packets to execute arbitrary commands on the affected device. This backdoor uses a hardcoded authentication mechanism and accepts shell commands post-authentication. Some device models include a non-standard implementation of the `echo` command, which may affect exploitability.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
CVE ID : CVE-2025-34120
Published : July 16, 2025, 9:15 p.m. | 5 hours, 47 minutes ago
Description : An unauthenticated file download vulnerability exists in LimeSurvey versions from 2.0+ up to and including 2.06+ Build 151014. The application fails to validate serialized input to the admin backup endpoint (`index.php/admin/update/sa/backup`), allowing attackers to specify arbitrary file paths using a crafted `datasupdateinfo` payload. The files are packaged in a ZIP archive and made available for download without authentication. This vulnerability can be exploited to read arbitrary files on the host system, including sensitive OS and configuration files.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Artificial Intelligence
The most capable model you can run on a single GPU or TPU. Source: Read…
Native image output is available in Gemini 2.0 Flash for developers to experiment with in…
Introducing Gemini Robotics and Gemini Robotics-ER, AI models designed for robots to understand, act and…
PLAID is a multimodal generative model that simultaneously generates protein 1D sequence and 3D structure,…