Aggregator

CVE-2025-2945为pgAdmin4≤9.1版本中经认证的RCE漏洞，因参数被不安全传入eval()函数导致任意代码执行。

本文复现Tenda AC15 V15.03.05.19固件中的CVE-2025-25634栈溢出和CVE-2025-25632命令注入漏洞，通过固件解包、模拟执行及动态调试，深入分析httpd服务的安全缺陷并验证利用方式。

本文对金盘图书馆管理系统进行代码审计，发现包含任意文件上传、文件读取、删除、命令执行及Shiro反序列化等高危漏洞。

本文深入探讨四种主流C2通信协议的技术实现与流量伪装策略，涵盖HTTPS加密传输、mTLS双向认证、WebSocket全双工通信及DNS隧道隐蔽控制，结合Go语言实例分析其对抗检测机制。

py恶意样本分析实战

这篇文章开始给师傅们演示了下资产收集的过程，从对一个目标站点的信息收集再到对该资产站点的渗透测试，给师傅们分享了几个RCE漏洞的过程，还有之前一个前台SQL注入的案例，包括后面利用JS接口文档，找到对应的阿里云AK/SK泄露，再利用CF进行root权限接管，还有就是JWT爆破相关导致未授权的漏洞，最后面给师傅们分享下隐私合约的漏洞。

Qilin ransomware group used Linux binaries on Windows to evade EDRs, steal backups, and disable defenses via BYOVD attacks. Trend Research found that the Qilin ransomware group (aka Agenda) used a Linux ransomware binary on Windows systems via legitimate remote tools, bypassing Windows defenses and EDRs. The cross-platform method enables stealthy attacks, stealing backup credentials […]

A sophisticated cyber-sabotage group known as Predatory Sparrow has emerged as one of the most destructive threat actors targeting Iranian critical infrastructure over the past several years. Unlike traditional cybercriminal operations focused on financial gain, this group executes highly disruptive campaigns designed to cripple essential services, destroy sensitive data, and send provocative political messages. Security […]

The post Predatory Sparrow Strikes: Coordinated Cyberattacks Seek to Cripple Critical Infrastructure appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

edu系统一直是安全测试的热门目标，系统多、漏洞类型丰富，而且开发者通常更关注功能实现，安全防护相对薄弱。本文分享三个真实的漏洞案例

A vulnerability was found in SICK TLOC100-100. It has been rated as problematic. This vulnerability affects unknown code. The manipulation leads to deadlock. This vulnerability is listed as CVE-2025-59463. The attack must be carried out from within the local network. There is no available exploit.

A vulnerability was found in SICK TLOC100-100. It has been declared as problematic. This affects an unknown part of the component C++ CLI Client. Executing manipulation can lead to uncaught exception. This vulnerability is tracked as CVE-2025-59462. The attack is only possible within the local network. No exploit exists.

A vulnerability was found in SICK TLOC100-100 up to 7.1.0. It has been classified as problematic. Affected by this issue is some unknown functionality of the component SSH. Performing manipulation results in allocation of resources. This vulnerability is identified as CVE-2025-59459. The attack is only possible with local access. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in SICK TLOC100-100 and classified as critical. Affected by this vulnerability is an unknown functionality. Such manipulation leads to use of unmaintained third party components. This vulnerability is referenced as CVE-2025-10561. The attack can only be performed from a local environment. No exploit is available.

A vulnerability has been found in SICK TLOC100-100 and classified as critical. Affected is an unknown function of the component C++ API. This manipulation causes missing authorization. The identification of this vulnerability is CVE-2025-59461. The attack needs to be done within the local network. There is no exploit available.

A vulnerability, which was classified as critical, was found in Centreon Infra Monitoring up to 23.10.14/24.04.8/24.10.5. This impacts an unknown function of the component MBI Module. The manipulation results in incorrect default permissions. This vulnerability was named CVE-2025-8432. The attack may be performed from remote. There is no available exploit. You should upgrade the affected component.

最近，spring cloud getway 又出了一个10.0分的 SpEL漏洞 这个漏洞和之前的CVE-2022-22947漏洞一样 依然是在热更新路由时触发表达式执行 之前的漏洞不是已经修复的非常完美了吗，为什么还能继续利用呢？

A vulnerability, which was classified as problematic, has been found in ZTE MC889A Pro BD_STDPLMC889A PROV1.0.1B06/BD_STDPLMC889A PROV1.0.1B08. This affects an unknown function of the component Short Message Service Interface. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2025-46583. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability classified as problematic was found in SICK TLOC100-100 up to 7.1.0. The impacted element is an unknown function of the component Configuration Setting Handler. Executing manipulation can lead to use of weak credentials. This vulnerability is handled as CVE-2025-59460. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. The affected element is an unknown function of the file /details.php. Performing manipulation of the argument ID results in sql injection. This vulnerability is known as CVE-2025-12329. Remote exploitation of the attack is possible. Furthermore, an exploit is available. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability described as critical has been identified in shawon100 RUET OJ up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. Impacted is an unknown function of the file /contestproblem.php. Such manipulation of the argument Name leads to sql injection. This vulnerability is traded as CVE-2025-12328. The attack may be launched remotely. Furthermore, there is an exploit available. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The vendor was contacted early about this disclosure but did not respond in any way.