Aggregator

A vulnerability described as problematic has been identified in Berkeley Sendmail 8.7/8.8/8.8.1/8.8.2. This affects an unknown part of the component Daemon Mode. Executing manipulation can lead to improper privilege management. The identification of this vulnerability is CVE-1999-0130. The attack can only be executed locally. Furthermore, there is an exploit available. Upgrading the affected component is recommended.

A vulnerability identified as problematic has been detected in Berkeley Sendmail up to 8.7.5. The impacted element is an unknown function. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-1999-0131. Local access is required to approach this attack. No exploit exists. This vulnerability is historically significant due to its background and the way it was received. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Microsoft Windows NT 3.51/NT 4.0. Affected by this issue is some unknown functionality of the component RAS/PPTP. Such manipulation leads to denial of service. This vulnerability is listed as CVE-1999-0140. The attack may be performed from remote. In addition, an exploit is available. It is advisable to upgrade the affected component.

In mid-summer 2025, the ToolShell vulnerability (CVE-2025-53770) became the catalyst for a major wave of compromises. Attackers exploited

The post ToolShell Exploit: China-Linked Hackers Target Global Critical Infrastructure appeared first on Penetration Testing Tools.

North Korea has intensified its reliance on cybercrime and the overseas remote employment of its citizens to circumvent

The post North Korea Stole $2.8 Billion in Crypto to Fund Weapons Programs, Report Says appeared first on Penetration Testing Tools.

共同开启“Agent+千行智变”的探索之旅！

百万服务器告急！360携手国家相关单位阻断SGLang高危漏洞危机

雷神众测拥有该文章的修改和解释权。如欲转载或传播此文章，必须保证此文章的副本，包括版权声明等全部内容。声明雷神众测允许，不得任意修改或增减此文章内容，不得以任何方式将其用于商业目的。

通过持续的技术探索和研究，推动全社会树立正确的安全观念，让安全与创新协同发展。

聚力AI安全，智御秒级攻防，护航数字经济。

探数智安全跃迁新方向

合规不再是成本，而是企业未来发展的基石和引擎

A vulnerability categorized as critical has been discovered in Tenda CH22 1.0.0.1. Affected by this issue is the function fromNatStaticSetting of the file /goform/NatStaticSetting. Executing manipulation of the argument page can lead to buffer overflow. This vulnerability is registered as CVE-2025-12322. It is possible to launch the attack remotely. Furthermore, an exploit is available.

超555万名患者个人信息泄露

The Lazarus hacking group has resurfaced—this time targeting European defence firms engaged in unmanned aerial systems development. ESET

The post Operation DreamJob: Lazarus Targets European Drone Makers with Malware Lures appeared first on Penetration Testing Tools.

Submit #674151 / VDB-330101

A vulnerability was found in ZTE ZXMP M721 5.30.020.001P01. It has been rated as problematic. Affected by this vulnerability is an unknown functionality. Performing manipulation results in use of hard-coded cryptographic key . This vulnerability is cataloged as CVE-2025-46582. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Google WearOS. It has been declared as problematic. Affected is an unknown function of the component Messages. Such manipulation leads to insufficient verification of data authenticity. This vulnerability is listed as CVE-2025-12080. The attack must be carried out locally. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.16.10/6.17.0. This affects the function snd_usbmidi_free of the component ALSA. This manipulation causes use after free. This vulnerability appears as CVE-2025-39997. The attacker needs to be present on the local network. There is no available exploit. It is suggested to upgrade the affected component.