Operation Destabilize: 6 Key Takeaways for the Crypto Industry
Following the news about Operation Destabilise, in which the UK’s National Crime Agency (NCA) disrup
Aggregator
CVE-2015-4137 | Milw0rm Clone Script 1.0 related.php program sql injection (ID 131981 / EDB-37248)
3 months ago
A vulnerability has been found in Milw0rm Clone Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file related.php. The manipulation of the argument program leads to sql injection.
This vulnerability is known as CVE-2015-4137. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2003-1368 | Electrasoft FTP Client 9.49.1 on 32-bit Server Banner memory corruption (EDB-22221 / XFDB-11234)
3 months ago
A vulnerability was found in Electrasoft FTP Client 9.49.1 on 32-bit. It has been classified as critical. This affects an unknown part of the component Server Banner Handler. The manipulation leads to memory corruption.
This vulnerability is uniquely identified as CVE-2003-1368. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
【安全圈】黑客利用Windows RID劫持技术创建隐藏管理员账户
3 months ago
【安全圈】Microsoft Entra ID允许普通用户更新自己的UPN
3 months ago
【安全圈】安全圈恭祝大家:新年快乐~
3 months ago
【安全圈】黑客利用Windows RID劫持技术创建隐藏管理员账户
3 months ago
关键词网络攻击一个来自朝鲜的黑客组织正在使用一种名为RID劫持的技术,该技术可以欺骗Windows系统,使其将低权限账户视为具有管理员权限的账户。黑客使用了一个自定义的恶意文件和一个开源工具来进行劫持
【安全圈】安全圈恭祝大家:新年快乐~
3 months ago
关键词迎新年新年到,各位安全圈的朋友们:愿我们在新的一年里,守护安全无畏挑战,攻防之道更上一层;漏洞封堵尽善尽美,红蓝对抗再创佳绩;日志流转尽在掌控,威胁情报精准如神;代码零漏洞,系统零意外!祝大家在
【安全圈】Microsoft Entra ID允许普通用户更新自己的UPN
3 months ago
关键词微软微软允许非特权用户在Entra ID中更新自己的用户主体名称 (UPN) ,这引发了对安全和管理监督的担忧。测试正式,普通用户可以通过Entra管理中心进入账户属性页面,直接编辑自己的UPN
CVE-2009-4501 | Zabbix up to 1.6.7 zbx_get_next_field memory corruption (EDB-10432 / Nessus ID 47179)
3 months ago
A vulnerability, which was classified as problematic, was found in Zabbix up to 1.6.7. This affects the function zbx_get_next_field. The manipulation leads to memory corruption.
This vulnerability is uniquely identified as CVE-2009-4501. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Pwn2Own Automotive 2025:电动车充配电站遭大规模零日攻击
3 months ago
Cannot GET /event/Ffjdl5QBW7f1uUFH3-RI
看不见的AI安全威胁,揭秘隐形提示注入风险
3 months ago
在人工智能蓬勃发展并融合到各行各业的当前,一种新型的威胁正悄然蔓延:隐形提示注入攻击。这种看不见的攻击手段,利 […]
aqniu
CVE-2007-4531 | Michal Marcinkowski Soldat game server up to 1.4.2 denial of service (EDB-30524 / XFDB-36230)
3 months ago
A vulnerability, which was classified as problematic, has been found in Michal Marcinkowski Soldat game server up to 1.4.2. Affected by this issue is some unknown functionality. The manipulation leads to denial of service.
This vulnerability is handled as CVE-2007-4531. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2001-0616 | Faust Informatics Freestyle Chat up to 4.1 SR2 MS DOS Device Name /aux denial of service (EDB-20883 / XFDB-6602)
3 months ago
A vulnerability was found in Faust Informatics Freestyle Chat up to 4.1 SR2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /aux of the component MS DOS Device Name. The manipulation leads to denial of service.
This vulnerability is handled as CVE-2001-0616. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
【InForSec 2025年会顶会论文回顾】刘沛宇:探究 ChatGPT 在漏洞管理任务中的能力
3 months ago
【InForSec 2025年会顶会论文回顾】林云: 基于参照的钓鱼欺诈检测技术的自动化知识赋能
3 months ago
【InForSec 2025年会顶会论文回顾】刘超:面向安全的无线感知技术
3 months ago
【InForSec 2025年会顶会论文回顾】张允义:权威服务之殇:你的权威服务器配置真的安全么?
3 months ago
【InForSec 2025年会顶会论文回顾】陈熠豪: 语义驱动的互联网路由异常检测系统
3 months ago
【InForSec 2025年会顶会论文回顾】陈熠豪: 语义驱动的互联网路由异常检测系统
3 months ago