Aggregator

ABUPが提供するIoT Cloud Platformには、不適切な権限の割り当ての脆弱性が存在します。

National Instrumentsが提供するCircuit Design Suiteには、複数の脆弱性が存在します。

日本首相石破茂于4月底的东南亚之行，悄然间勾勒出日本周边外交的战略新版图。这位上任不足七个月的日本首相，用一

现代人往往活跃于多个社交平台，使用不同的账号和昵称。情报分析的难点之一在于确认同一个人在不同平台上的身份对应关系，即跨平台身份关联。

MSFTRecon is a reconnaissance tool designed for red teamers and security professionals to map Microsoft 365 and Azure tenant infrastructure. It performs comprehensive enumeration without requiring authentication, helping identify potential security misconfigurations and attack...

The post MSFTRecon: Unauthenticated Recon Tool for Microsoft 365 & Azure appeared first on Penetration Testing Tools.

海莲花APT组织针对国内某机构攻击活动威胁情报

YATAS Yet Another Testing & Auditing Solution Features YATAS is a simple and easy-to-use tool to audit your infrastructure for misconfiguration or potential security issues. AWS – 43 Checks APIGateway AWS_APG_001 Apigateway Cloudwatch Logs...

The post YATAS: AWS security, hardening, configurations, logging auditing tool appeared first on Penetration Testing Tools.

A vulnerability classified as problematic has been found in Apple macOS up to 12.0. Affected is an unknown function of the component WebKit. The manipulation leads to Remote Code Execution. This vulnerability is traded as CVE-2021-30823. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apple iOS and iPadOS and classified as problematic. This vulnerability affects unknown code of the component HSTS Handler. The manipulation leads to cleartext transmission of sensitive information. This vulnerability was named CVE-2021-30823. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Apple iOS and iPadOS. This vulnerability affects unknown code of the component Web Content Handler. The manipulation leads to type confusion. This vulnerability was named CVE-2021-30818. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Apple tvOS. This issue affects some unknown processing of the component Web Content Handler. The manipulation leads to type confusion. The identification of this vulnerability is CVE-2021-30818. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Apple Safari. Affected is an unknown function of the component Web Content Handler. The manipulation leads to type confusion. This vulnerability is traded as CVE-2021-30818. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apple watchOS and classified as critical. Affected by this vulnerability is an unknown functionality of the component Web Content Handler. The manipulation leads to type confusion. This vulnerability is known as CVE-2021-30818. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Apple Safari. This affects an unknown part of the component Web Contents Handler. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2021-30809. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apple tvOS and classified as critical. This vulnerability affects unknown code of the component Web Contents Handler. The manipulation leads to use after free. This vulnerability was named CVE-2021-30809. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple watchOS and classified as critical. This issue affects some unknown processing of the component Web Contents Handler. The manipulation leads to use after free. The identification of this vulnerability is CVE-2021-30809. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.