Aggregator

3月28日，安全牛《后量子密码安全能力构建技术指南（2025版）》研究报告正式发布。报告调研分析了国内外在后量 […]

新闻速览 •最后一刻的“缓刑”：CISA紧急延长CVE项目资金支持 •马斯克DOGE团队账户被指用来试图入侵美 […]

本文内容摘自为安全牛最新发布的《后量子密码安全能力构建技术指南（2025版》研究报告 后量子密码技术的重点需求 […]

就是这么快

疑似某红队CS样本分析二

就是这么快

黄仁勋时隔 3 个月再次到访北京，H20 芯片管制或造成百亿美元损失； Grok 新增「记忆」功能，可回复个性化内容； Claude 更新：高级 Research 功能、深度集成 Google Workspace、语音模式即将上线

A vulnerability was found in Buffalo WSR-3200AX4S, WSR-3200AX4B, WSR-2533DHP, WSR-2533DHP2, WSR-A2533DHP2, WSR-2533DHP3, WSR-A2533DHP3, WSR-2533DHPL, WSR-2533DHPL2, WSR-2533DHPLS and WCR-1166DS and classified as critical. This issue affects some unknown processing of the component CTI Program. The manipulation leads to os command injection. The identification of this vulnerability is CVE-2022-43466. Access to the local network is required for this attack. There is no exploit available.

A vulnerability was found in Denshi Nyusatsu Core System up to 6 R4. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2022-41993. The attack may be launched remotely. There is no exploit available.

01.NET内网安全攻防报刊小报童电子报刊【.NET内网安全攻防】也正式上线了，引入小报童也是为了弥补知识星球

A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /add-product.php. The manipulation of the argument Avatar leads to unrestricted upload. This vulnerability is known as CVE-2025-3783. The attack can be launched remotely. Furthermore, there is an exploit available.

Submit #553724 / VDB-303271

Submit #553723 / VDB-305605

A vulnerability classified as problematic has been found in GitHub Enterprise Server up to 3.16.1. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2025-3246. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GitHub Enterprise Server up to 3.13.13/3.14.10/3.15.5/3.16.1/3.16.x. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to missing authorization. The identification of this vulnerability is CVE-2025-3124. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GitHub Enterprise Server up to 3.13.13/3.14.10/3.15.5/3.16.1. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to code injection. This vulnerability was named CVE-2025-3509. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Hunk Companion Plugin 1.9.0 - Unauthenticated Plugin Installation