Aggregator

CVE-2025-12872 | aEnrich a+HRD/a+HCM up to 7.5 cross site scripting

3 months ago

A vulnerability has been found in aEnrich a+HRD and a+HCM up to 7.5 and classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is documented as CVE-2025-12872. The attack can be initiated remotely. There is not any exploit available.

vuldb.com

CVE-2025-13047 | ViewLead Bacteriology Laboratory Reporting System sql injection

VulDB Recent Entries

3 months ago

A vulnerability, which was classified as critical, was found in ViewLead Bacteriology Laboratory Reporting System. This impacts an unknown function. Executing manipulation can lead to sql injection. This vulnerability is registered as CVE-2025-13047. It is possible to launch the attack remotely. No exploit is available.

vuldb.com

深入SleepObfs的检测与绕过

先知技术社区

3 months ago

深入剖析线程池睡眠混淆与扫描器的工作机制，规避对应的检测

WIZ竞标赛 Perimeter Leak wp

先知技术社区

3 months ago

Perimeter Leak题目描述After weeks of exploits and privilege escalation you've gained access to what you hope is the final server that you can then use to extract out the secret flag from an S3 bucket.It w

CVE-2025-12871 | aEnrich a+HRD up to 7.5 weak authentication

VulDB Recent Entries

3 months ago

A vulnerability, which was classified as very critical, has been found in aEnrich a+HRD up to 7.5. This affects an unknown function. Performing manipulation results in weak authentication. This vulnerability is cataloged as CVE-2025-12871. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2025-12870 | aEnrich a+HRD up to 7.5 Packets weak authentication

VulDB Recent Entries

3 months ago

A vulnerability classified as very critical was found in aEnrich a+HRD up to 7.5. The impacted element is an unknown function of the component Packets Handler. Such manipulation leads to weak authentication. This vulnerability is listed as CVE-2025-12870. The attack may be performed from remote. There is no available exploit.

vuldb.com

Cobalt Strike内存加载.NET程序集功能原理分析并重构

先知技术社区

3 months ago

本文分析了Cobalt Strike的execute-assembly功能以及在Beacon中重构此功能

2025黄鹤杯网络安全人才创新大赛江城校园新星赛道 wp

先知技术社区

3 months ago

聚智网安·筑梦黄鹤 - 发掘网络安全实战型人才，促进创新成果转化

Crypto24

Dark Feed IO

3 months ago

You must login to view this content

cohenido

Visual Studio 2026 释出

Solidot

3 months ago

微软释出了编译器 Visual Studio 的最新版本。Visual Studio 2026 的变化包括：调整 UI；开箱即用现有的 Visual Studio 2022 扩展；改进 C++23 核心语言和标准库实现；改进编译器运行时性能；ARM64 版本支持 AddressSanitizer；等等，更多可浏览发布公告。

New Phishing Attack Targeting Meta Business Suite Users to Steal Login Credentials

Cyber Security News

3 months ago

A large-scale phishing campaign has emerged, exploiting Meta’s Business Suite to compromise credentials across thousands of small and medium-sized businesses worldwide. Check Point security researchers identified approximately 40,000 phishing emails distributed to more than 5,000 customers, primarily targeting industries including automotive, education, real estate, hospitality, and finance across the U.S., Europe, Canada, and Australia. The […]

The post New Phishing Attack Targeting Meta Business Suite Users to Steal Login Credentials appeared first on Cyber Security News.

Tushar Subhra Dutta

关于召开2025年度关键信息基础设施安全保护大会暨召开第一届第五次会员大会的通知

数世咨询

3 months ago

关于召开2025年度关键信息基础设施安全保护大会暨召开第一届第五次会员大会的通知

直播预告 | 互联网暴露面收敛——从风险识别到动态清零的攻防实战

数世咨询

3 months ago

影子资产潜藏隐患、攻击面持续扩张、传统防护捉襟见肘，企业如何防范数据泄露、业务中断风险？

中国软件评测中心联合数世咨询发布：《2025中国数据安全企业全景图》

数世咨询

3 months ago

2025年11月7日，2025中国—东盟数据安全产业创新合作论坛在广西南宁市成功举办。

Срочно обновиться до 8.9.1.: 0-day в SuiteCRM позволяет удаленно получить доступ к защищенным данным

Securitylab.ru

3 months ago

Уязвимость CVE-2025-64492 получила 8,8 балла по шкале CVSS.

倒计时3天！补天长沙站议题精华抢先看！

补天平台

3 months ago

11月15日，湖南金融中心，欢迎白帽黑客师傅们报名！

Firefox 145 释出

Solidot

3 months ago

Mozilla 释出了 Firefox 145.0。主要变化包括：停止支持 32 位 Linux 系统，仍然使用 32 位 Linux 发行版的用户将不会收到更新，Mozilla 建议相关用户切换到 64 位操作系统；支持添加和删除 PDF 注释；增强隐私浏览的指纹识别能力，标签组预览，从侧边栏管理密码，支持播放 Matroska MKV 媒体内容；等等。

Windows Remote Desktop Services Vulnerability Let Attackers Escalate Privileges

Cyber Security News

3 months ago

Microsoft has disclosed a significant vulnerability in Windows Remote Desktop Services (RDS) that could allow authorized attackers to escalate their privileges on affected systems. Tracked as CVE-2025-60703, the flaw stems from an untrusted pointer dereference, a classic memory safety issue that has plagued software for years, and carries an “Important” severity rating from the company. The […]

The post Windows Remote Desktop Services Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.

Guru Baran

CVE-2024-47866 | Ceph RGW Module denial of service

VulDB Recent Entries

3 months ago

A vulnerability classified as problematic has been found in Ceph. The affected element is an unknown function of the component RGW Module. This manipulation causes denial of service. This vulnerability is tracked as CVE-2024-47866. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-12869 | aEnrich a+HRD up to 7.5 cross site scripting

VulDB Recent Entries

3 months ago

A vulnerability described as problematic has been identified in aEnrich a+HRD up to 7.5. Impacted is an unknown function. The manipulation results in cross site scripting. This vulnerability is identified as CVE-2025-12869. The attack can be executed remotely. There is not any exploit available.

vuldb.com

Aggregator

Managed ad