Aggregator

CVE-2025-24060 | Microsoft Windows up to Server 2025 DWM Core Library input validation (EUVD-2025-10248)

Vuldb Updates
3 months 2 weeks ago
A vulnerability was found in Microsoft Windows. It has been rated as critical. Affected by this issue is some unknown functionality of the component DWM Core Library. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2025-24060. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2025-29801 | Microsoft AutoUpdate on macOS default permission (EUVD-2025-10136)

Vuldb Updates
3 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Microsoft AutoUpdate on macOS. Affected is an unknown function. The manipulation leads to incorrect default permissions. This vulnerability is traded as CVE-2025-29801. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2025-21204 | Microsoft Windows up to Server 2025 Process Activation link following (EUVD-2025-10245)

Vuldb Updates
3 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Microsoft Windows. This affects an unknown part of the component Process Activation. The manipulation leads to link following. This vulnerability is uniquely identified as CVE-2025-21204. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

针对 glibc 中 realloc() 函数源码在 2.2x ~ 2.3x 版本的深度解析

先知技术社区
3 months 2 weeks ago
文章主要基于 glibc 2.23 版本的源码对 realloc() 的执行逻辑以及检查措施进行了逐行深度解析,同时给出了针对 glibc 版本更迭中 realloc() 在防护措施与各类功能的标准化进行了简要介绍,最后总结了 realloc() 在执行时针对不同参数情况的完整检查与执行流,帮助大家对于该函数的执行逻辑以及检查手段有更深的了解

java之jdk17反射机制绕过深入剖析

先知技术社区
3 months 2 weeks ago
java之jdk17反射机制绕过深入剖析问题分析先写一个测试代码,通过反射调用 defineclass 方法加载恶意字节码,然后进行运行的时候发现报错,看报错信息不难发现是在 setAccessible 出的问题,跟进该方法调用了 checkCanSetAccessible 方法,继续跟进看着逻辑有点多,但是发现如果满足下面这几种情况是可以返回 true 就可以进行反射调用了。第一个 if:调用者

Zero Networks Lands $55M Series C to Drive Zero Trust Growth

Ransomware DataBreachToday.com
3 months 2 weeks ago
Florida Vendor Set to Reach $100M ARR by 2027 With Identity Segmentation, ZTNA Push
With $55 million in Series C funding led by Highland Europe, Zero Networks aims to expand its zero trust architecture through identity segmentation and zero trust network access. The Orlando, Fla.-based microsegmentation startup aims to double headcount and target a $100 million ARR goal by 2027.

Unpatched Buffer Overflow in Schneider Home Devices

Ransomware DataBreachToday.com
3 months 2 weeks ago
Vulnerability Could Enable Remote Code Injection Attacks
When the lights start flickering in homes equipped with Schneider Electric end-of-life smart switches, it could be hackers, now that the French company disclosed a remotely exploitable vulnerability that won't receive a patch. No hacking has been reported to date.

LockBit Crackdown Fragmented Russian Cybercrime Groups

Ransomware DataBreachToday.com
3 months 2 weeks ago
Onslought Also Paved Way for Rise of English-Speaking Hackers
An international law enforcement crackdown on the LockBit ransomware group caused fragmentation and distrust among Russian-speaking cybercrime groups, paving the way for English-speaking hacking groups to gain prominence, experts said Tuesday during a London conference.

OffensiveCon25 – Garbage Collection In V8

Security Boulevard
3 months 2 weeks ago

Authors/Presenters: Richard Abou Chaaya and John Stephenson

Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel.

Thanks and a Tip O' The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock GCTI, GWAPT, GCFA, GPEN, GPCS, GCPN, CRISC, CISA, CISM, CISSP, SSCP, CDPSE for recommending the OffensiveCon 25 conference.

Permalink

The post OffensiveCon25 – Garbage Collection In V8 appeared first on Security Boulevard.

Marc Handelman

CVE-2024-39722: Ollama 模型/文件存在性漏洞成因探究及完整利用过程

先知技术社区
3 months 2 weeks ago
此漏洞源于 Ollama 处理 `/api/push` API 请求时对用户提供的模型名称缺乏充分的验证和清理。当用户尝试推送一个模型时,Ollama 服务器会检查该模型是否存在。如果模型名称被构造成一个文件路径(例如,使用路径遍历序列如 `../../..`),服务器的响应(或缺乏错误响应)可以间接揭示该路径在服务器上是否有效。文章详细解释了漏洞的原理以及从爬取模型信息到分析响应的利用过程。

CVE-2022-34706 | Microsoft Windows up to Server 2022 Local Security Authority privilege escalation (EUVD-2022-37656)

Vuldb Updates
3 months 2 weeks ago
A vulnerability classified as critical was found in Microsoft Windows. Affected by this vulnerability is an unknown functionality of the component Local Security Authority. The manipulation leads to privilege escalation. This vulnerability is known as CVE-2022-34706. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2017-7061 | Apple Safari up to 10.1.1 WebKit memory corruption (HT207921 / EDB-42666)

Vuldb Updates
3 months 2 weeks ago
A vulnerability classified as critical has been found in Apple Safari up to 10.1.1. Affected is an unknown function of the component WebKit. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2017-7061. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad