Toute l'actualité de la Cybersécurité
KinoKong - 817,808 breached accounts
2025-12-06 08:13:57
In March 2021, the Russian online streaming service KinoKong suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed over 800k unique email addresses...
2.15M Web Services Running Next.js Exposed Over Internet, Active Exploitation Underway – Patch Now
2025-12-06 07:48:34
A critical unauthenticated remote code execution vulnerability dubbed “React2Shell” is actively being exploited in the wild, putting millions of web services at risk. On December 3, React...
React2Shell Remote Code Execution (RCE) Vulnerability
2025-12-06 04:11:13
What is the Vulnerability?
React2Shell is a critical unauthenticated RCE vulnerability impacting React Server Components (RSC) and frameworks that...
Avast Antivirus Sandbox Vulnerabilities Let Attackers Escalate Privileges
2025-12-06 03:33:15
Security researchers from the SAFA team have uncovered four kernel heap overflow vulnerabilities in Avast Antivirus, all traced to the aswSnx kernel driver. The flaws, now tracked collectively as CVE-2025-13032,...
Debian 11: Krita Major Heap Overflow Issue DLA-4395-1 CVE-2025-59820
2025-12-06 01:28:57
Loading a manipulated TGA file in krita, an image manipulation program, could result in a heap-based buffer overflow in KisTgaImport.
Fedora 42: Chromium High CVE-2025-13630, 13631, 13632 Advisory
2025-12-06 01:27:35
Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools...
Fedora 42: abrt Critical Command Injection Vulnerability CVE-2025-12744
2025-12-06 01:27:34
Fix CVE-2025-12744
Fedora 42: cef High Type Confusion Vuln CVE-2025-13223,13224 Advisory
2025-12-06 01:27:28
Update to cef-142.0.17+g60aac24 & chromium 142.0.7444.175 (rhbz#2413981) High CVE-2025-13223: Type Confusion in V8 High CVE-2025-13224: Type Confusion in V8
Fedora 43: chromium High CVE-2025-13630 Type Confusion and more
2025-12-06 00:48:47
Update to 143.0.7499.40 * High CVE-2025-13630: Type Confusion in V8 * High CVE-2025-13631: Inappropriate implementation in Google Updater * High CVE-2025-13632: Inappropriate implementation in DevTools...
Fedora 43: abrt Critical Command Injection Fix CVE-2025-12744
2025-12-06 00:48:45
Fix CVE-2025-12744
Maximum-severity XXE vulnerability discovered in Apache Tika
2025-12-06 00:03:20
A maximum severity vulnerability in Apache Tika, tracked as CVE-2025-66516 (CVSS score of 10.0), allows XML external entity attacks. CVE-2025-66516 carries a maximum CVSS rating of 10.0 because it lets...