Aggregator

A vulnerability has been found in Fortinet FortiManager and FortiManager Cloud and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to os command injection. This vulnerability is known as CVE-2024-46662. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this vulnerability is the function submit of the file /api/blade-user/submit of the component User Handler. The manipulation leads to improper authorization. This vulnerability is known as CVE-2025-2320. The attack can be launched remotely. Furthermore, there is an exploit available. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as critical has been found in Ruby on Rails up to 5.0.0. This affects the function render. The manipulation of the argument locals as part of Argument leads to code injection. This vulnerability is uniquely identified as CVE-2020-8163. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

APT报告与样本下载网站

A vulnerability was found in Informs PicServer 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component GET Request Handler. The manipulation leads to path traversal. This vulnerability is known as CVE-2001-0202. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

从初赛中脱颖而出的500支战队，将通过本次半决赛竞逐大赛决赛的“入场券”。从赛事筹备到赛制设计，本次半决赛有哪些特色、亮点？一起听听他们怎么说——

A vulnerability, which was classified as critical, has been found in Apple tvOS up to 10.1. This issue affects some unknown processing of the component WebKit. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2017-2459. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

娶了你师姐？

A vulnerability, which was classified as problematic, has been found in Apple tvOS up to 12.3. Affected by this issue is some unknown functionality of the component WebKit. The manipulation leads to cross site scripting (Universal). This vulnerability is handled as CVE-2019-8649. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Yohanes Nugroho 发布免费工具，利用 GPU 暴力破解 Linux 版Akira 勒索软件加密密钥，成功解锁文件。

安卓emulator 命令行报错：could not launch 'sdk-path/../emulator/qemu/darwin-x86_64/qemu- […]

Ingram This is a webcam device vulnerability scanning tool, that already supports Hikvision, Dahua, and other devices. Installation Firstly, clone this repo: git clone https://github.com/jorhelp/Ingram.git Then, go to the repo dir, create a virtual...

The post Ingram: webcam device vulnerability scanning tool appeared first on Penetration Testing Tools.

NucleiFuzzer = Nuclei + Paramspider NucleiFuzzer is an advanced automation tool designed to streamline and optimize web application security testing by integrating a suite of powerful URL discovery and vulnerability scanning tools. It combines...

The post NucleiFuzzer: a powerful automation tool for detecting xss, sqli, ssrf, open-redirect vulnerabilities in webapps appeared first on Penetration Testing Tools.