Aggregator
CVE-2020-2868 | Oracle PeopleSoft Enterprise PeopleTools 8.56/8.57/8.58 Diagnostic Framework
SysAid ITSM Vulnerabilities Enables Pre-Auth Remote Command Execution
Security researchers have disclosed a chain of critical vulnerabilities affecting SysAid ITSM’s On-Premise solution, enabling unauthenticated attackers to execute remote commands by exploiting several pre-auth XML External Entity (XXE) injection flaws. The vulnerabilities, registered as CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, highlight systemic risks in widely-used IT Service Management platforms. SysAid ITSM On-Premise Plagued by Pre-Auth XXE […]
The post SysAid ITSM Vulnerabilities Enables Pre-Auth Remote Command Execution appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2001-0467 | RobTex Viking Server up to 1.07-381 HTTP Request path traversal (EDB-20793 / ID 86121)
CVE-2014-5194 | Sphider 1.3.6 _word_upper_bound code injection (Exploit 159715 / EDB-34189)
学术年会 | 2025年网络空间安全学术会议征文通知
学术年会 | 2025年网络空间安全学术会议征文通知
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
CISA Warns of Cyber Threats to Oil and Gas SCADA and ICS Networks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new alert warning critical infrastructure operators-particularly those in the oil and natural gas sector-of emerging cyber threats targeting Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) networks. The agency reports that, in recent months, unsophisticated cyber actors have increasingly attempted to infiltrate […]
The post CISA Warns of Cyber Threats to Oil and Gas SCADA and ICS Networks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.