CVE ID : CVE-2025-5865

Published : June 9, 2025, 7:15 a.m. | 2 hours, 23 minutes ago

Description : A vulnerability was found in RT-Thread 5.1.0. It has been rated as critical. Affected by this issue is the function sys_select of the file rt-thread/components/lwp/lwp_syscall.c of the component Parameter Handler. The manipulation of the argument timeout leads to memory corruption. The vendor explains, that “[t]he timeout parameter should be checked to check if it can be accessed correctly in kernel mode and used temporarily in kernel memory.”

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5893

Published : June 9, 2025, 7:15 a.m. | 44 minutes ago

Description : Smart Parking Management System from Honding Technology has an Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to access a specific page and obtain plaintext administrator credentials.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5867

Published : June 9, 2025, 8:15 a.m. | 1 hour, 23 minutes ago

Description : A vulnerability classified as critical was found in RT-Thread 5.1.0. This vulnerability affects the function csys_sendto of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument to leads to null pointer dereference.

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5868

Published : June 9, 2025, 8:15 a.m. | 1 hour, 23 minutes ago

Description : A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function sys_thread_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index.

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5894

Published : June 9, 2025, 8:15 a.m. | 1 hour, 23 minutes ago

Description : Smart Parking Management System from Honding Technology has a Missing Authorization vulnerability, allowing remote attackers with regular privileges to access a specific functionality to create administrator accounts, and subsequently log into the system using those accounts.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5870

Published : June 9, 2025, 9:15 a.m. | 23 minutes ago

Description : A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/setup.cgi of the component Web Interface. The manipulation leads to improper authentication. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2025-5869

Published : June 9, 2025, 9:15 a.m. | 23 minutes ago

Description : A vulnerability, which was classified as critical, was found in RT-Thread 5.1.0. Affected is the function sys_recvfrom of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument from leads to memory corruption.

Severity: 8.0 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Linux Mint è una distribuzione GNU/Linux basata su Ubuntu, nota per la sua facilità d’uso e stabilità. È particolarmente apprezzata…

Dopo 5 anni dal loro rilascio, le versioni di Linux Mint 20.x, che includono le versioni 20, 20.1, 20.2 e…

Eddie’s company hired a Highly Paid Consultant to help them retool their systems for a major upgrade. Of course, the…

Tactics is a football lineup builder. Build your association football lineup. The post Tactics – football lineup builder appeared first…

US infrastructure could crumble under cyberattack, ex-NSA advisor warns

Infosec in Brief If a cyberattack hit critical infrastructure in the US, it would likely crumble, former deputy national security adviser and NSA cybersecurity director Anne Neuberger said last week.
…
Read more

Published Date:
Jun 08, 2025 (7 hours, 39 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-21479

CVE-2025-21480

CVE-2025-3935

CVE-2024-56145

CVE-2024-3721

CVE-2021-32030

CVE-2025-4318 (CVSS 9.5): AWS Amplify RCE Flaw Exposed with PoC – CI/CD Pipelines at Risk

Image: SecureLayer7
A critical vulnerability in AWS Amplify’s UI generation tool, @aws-amplify/codegen-ui, is putting developers—and their build pipelines—at serious risk. Tracked as CVE-2025-4318, th …
Read more

Published Date:
Jun 09, 2025 (5 hours, 38 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-4318

CVE-2024-3721

EnigmaCyberSecurity: Brazil-Focused Banking Malware Campaign Uses RATs and Malicious Extensions

Attack chain using a browser extension | Image: Positive Technologies
Positive Technologies has uncovered an ongoing, multi-stage cybercrime campaign—dubbed “EnigmaCyberSecurity”—primarily targeting B …
Read more

Published Date:
Jun 09, 2025 (5 hours, 33 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-4318

CVE-2025-24797

CVE-2017-0199

FormBook Returns: Exploiting CVE-2017-0199 via Malicious Excel Attachments in New Phishing Campaign

Image: FortiGuard Labs
FortiGuard Labs has uncovered a renewed phishing campaign that leverages the eight-year-old CVE-2017-0199 vulnerability to deploy FormBook, a notorious infostealer malware.
The …
Read more

Published Date:
Jun 09, 2025 (5 hours, 29 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2017-0199

Go Fixes Three Security Flaws: Update Your Apps Now!

The Go team has rolled out versions 1.24.4 and 1.23.10, addressing three critical security vulnerabilities affecting core packages such as net/http, os, and crypto/x509. While these are minor point re …
Read more

Published Date:
Jun 09, 2025 (5 hours, 23 minutes ago)

Vulnerabilities has been mentioned in this article.

UNC1151 Exploits Roundcube Flaw in Spear Phishing Attack

CERT Polska has sounded the alarm after uncovering a spear phishing campaign that targeted Polish organizations using a critical webmail vulnerability. The campaign is linked to the UNC1151 APT group, …
Read more

Published Date:
Jun 09, 2025 (5 hours, 4 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-49113

CVE-2024-42009

Critical CVSS 10.0 Flaws in B. Braun OnlineSuite Threaten Healthcare Infrastructure

B. Braun Melsungen AG has issued a high-priority security advisory warning of three severe vulnerabilities affecting its OnlineSuite AP 3.0 and earlier, including one rated a maximum CVSS score of 10. …
Read more

Published Date:
Jun 09, 2025 (5 hours, 1 minute ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-3365

CVE-2025-3322

CVE-2025-3321

CVE-2025-20188

PoC Exploit Released for Fortinet 0-Day Vulnerability that Allows Remote Code Execution

A new proof-of-concept (PoC) exploit for a critical zero-day vulnerability affecting multiple Fortinet products raises urgent concerns about the security of enterprise network infrastructure.
The vuln …
Read more

Published Date:
Jun 09, 2025 (2 hours, 55 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE ID : CVE-2025-5859

Published : June 9, 2025, 4:15 a.m. | 1 hour, 24 minutes ago

Description : A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /test-details.php. The manipulation of the argument assignto leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…