Toute l'actualité de la Cybersécurité

KinoKong - 817,808 breached accounts

2025-12-06 08:13:57
In March 2021, the Russian online streaming service KinoKong suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed over 800k unique email addresses...

2.15M Web Services Running Next.js Exposed Over Internet, Active Exploitation Underway – Patch Now

2025-12-06 07:48:34
A critical unauthenticated remote code execution vulnerability dubbed “React2Shell” is actively being exploited in the wild, putting millions of web services at risk. On December 3, React...

React2Shell Remote Code Execution (RCE) Vulnerability

2025-12-06 04:11:13
What is the Vulnerability? React2Shell is a critical unauthenticated RCE vulnerability impacting React Server Components (RSC) and frameworks that...

Avast Antivirus Sandbox Vulnerabilities Let Attackers Escalate Privileges

2025-12-06 03:33:15
Security researchers from the SAFA team have uncovered four kernel heap overflow vulnerabilities in Avast Antivirus, all traced to the aswSnx kernel driver. The flaws, now tracked collectively as CVE-2025-13032,...

Debian 11: Krita Major Heap Overflow Issue DLA-4395-1 CVE-2025-59820

2025-12-06 01:28:57
Loading a manipulated TGA file in krita, an image manipulation program, could result in a heap-based buffer overflow in KisTgaImport.

Fedora 42: Chromium High CVE-2025-13630, 13631, 13632 Advisory

2025-12-06 01:27:35
Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools...

Fedora 42: abrt Critical Command Injection Vulnerability CVE-2025-12744

2025-12-06 01:27:34
Fix CVE-2025-12744

Fedora 42: cef High Type Confusion Vuln CVE-2025-13223,13224 Advisory

2025-12-06 01:27:28
Update to cef-142.0.17+g60aac24 & chromium 142.0.7444.175 (rhbz#2413981) High CVE-2025-13223: Type Confusion in V8 High CVE-2025-13224: Type Confusion in V8

Fedora 43: chromium High CVE-2025-13630 Type Confusion and more

2025-12-06 00:48:47
Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools...

Fedora 43: abrt Critical Command Injection Fix CVE-2025-12744

2025-12-06 00:48:45
Fix CVE-2025-12744

Maximum-severity XXE vulnerability discovered in Apache Tika

2025-12-06 00:03:20
A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516 carries a maximum CVSS rating of 10.0 because it lets...