Swagger UI 的隐藏陷阱,XSS 注入一击即中(CVE-2025-8191)
🚶🚶每一步,都算数。虽然 CVE-2025-8191 在 NVD 中被标注为 macrozheng/mall
Aggregator
OpenAI 单月营收已经破 10 亿美元;马斯克的 Grok,用户聊天记录在「裸奔」;谷歌发布 AI 手机 | 极客早知道
5 months 3 weeks ago
· 法国一受虐博主直播中身亡,平台被指控监管不力
OpenAI 单月营收已经破 10 亿美元;马斯克的 Grok,用户聊天记录在「裸奔」;谷歌发布 AI 手机 | 极客早知道
5 months 3 weeks ago
当前环境异常需完成验证后才能继续访问。
派早报:Google 发布 Pixel 10 系列,《黑神话:钟馗》确认等
5 months 3 weeks ago
error code: 1016
【转载】国家安全情报理论研究“融智论坛”征文
5 months 3 weeks ago
为推进中国特色国家安全情报学学科体系、学术体系和话语体系建设,推动中国特色国家安全情报理论研究,中国人民警察大学定于2025年11月14日至15日在河北廊坊举办第二届国家安全情报理论研究“融智论坛”。
【反恐】2025年8月全球恐怖主义态势及应对策略
5 months 3 weeks ago
2025年8月全球恐怖主义态势及应对策略
.NET 旧威胁新挑战:2025年 SQL 注入漏洞攻与防
5 months 3 weeks ago
.NET 安全攻防知识交流社区
5 months 3 weeks ago
.NET内网实战: 通过 FileSecurity 获取目录及文件控制列表和规则
5 months 3 weeks ago
.NET 旧威胁新挑战:2025年 SQL 注入漏洞攻与防
5 months 3 weeks ago
当前环境出现异常,请完成验证后继续访问。
.NET 安全攻防知识交流社区
5 months 3 weeks ago
当前环境异常需完成验证后继续访问。
.NET内网实战: 通过 FileSecurity 获取目录及文件控制列表和规则
5 months 3 weeks ago
当前环境出现异常,需完成验证后方可继续访问。点击“去验证”进行操作。
CROSS-X: Generalized and Stable Cross-Cache Attack on the Linux Kernel (to appear)
5 months 3 weeks ago
Dongok Kim、Juhyun Song和Insu Yun的研究探讨了一种新型的安全机制,并分析了其在实际应用中的效果与安全性。
Windows plays Jenga: Uncovering Design Weaknesses in Windows File System Security (to appear)
5 months 3 weeks ago
这篇文章探讨了最新的网络安全威胁及其防御策略,并提出了一种创新的隐私保护机制,在计算机和通信安全领域具有重要应用价值。
New AI prompt/data-leak scanner — try to break it (PrivGuard)
5 months 3 weeks ago
Reddit及其合作伙伴使用cookies等技术以提升用户体验。接受所有cookies即同意其用于提供服务、个性化内容与广告及衡量广告效果。拒绝非必要cookies仍可能使用部分cookies以确保平台正常运作。更多信息请见隐私政策和Cookie通知。
Formula for persuasive debate?
5 months 3 weeks ago
Reddit及其合作伙伴使用cookies等技术提升用户体验。接受所有cookies即同意其用于服务维护、内容优化、个性化广告及广告效果评估。拒绝非必要cookies时,仍会使用部分cookie确保平台正常运行。详情请查阅Cookie Notice和Privacy Policy。
CVE-2025-7953 | Sanluan PublicCMS up to 5.202506.a viewer.html File redirect
5 months 3 weeks ago
A vulnerability described as problematic has been identified in Sanluan PublicCMS up to 5.202506.a. Affected by this issue is some unknown functionality of the file publiccms-parent/publiccms/src/main/webapp/resource/plugins/pdfjs/viewer.html. Executing manipulation of the argument File can lead to open redirect.
This vulnerability appears as CVE-2025-7953. The attack may be performed from a remote location. In addition, an exploit is available.
A patch should be applied to remediate this issue.
vuldb.com
CVE-2025-54655 | Huawei HarmonyOS 5.0.1/5.0.2 Virtualization Base toctou
5 months 3 weeks ago
A vulnerability was found in Huawei HarmonyOS 5.0.1/5.0.2. It has been classified as critical. The impacted element is an unknown function of the component Virtualization Base Module. Performing manipulation results in time-of-check time-of-use.
This vulnerability is reported as CVE-2025-54655. The attack requires a local approach. No exploit exists.
vuldb.com
CVE-2025-54606 | Huawei HarmonyOS 5.0.1 Lock Screen logic error
5 months 3 weeks ago
A vulnerability described as problematic has been identified in Huawei HarmonyOS 5.0.1. Affected by this issue is some unknown functionality of the component Lock Screen Module. Executing manipulation can lead to business logic errors.
This vulnerability is handled as CVE-2025-54606. The physical device can be targeted for the attack. There is not any exploit available.
vuldb.com
CVE-2025-54608 | Huawei HarmonyOS 5.0.1/5.1.0 Screen Management access control
5 months 3 weeks ago
A vulnerability was found in Huawei HarmonyOS 5.0.1/5.1.0. It has been rated as critical. Affected is an unknown function of the component Screen Management Module. This manipulation causes improper access controls.
This vulnerability is registered as CVE-2025-54608. The attack needs to be launched locally. No exploit is available.
vuldb.com