Aggregator

A vulnerability was found in Adobe ColdFusion 2021 and ColdFusion 2023. It has been classified as critical. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-20767. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic was found in Xlightftpd Xlight FTP Server 1.1. This vulnerability affects unknown code of the component Login. The manipulation of the argument User leads to denial of service. This vulnerability was named CVE-2024-0737. The attack can be initiated remotely. Furthermore, there is an exploit available.

Evilent Coerce A practical NTLM relay attack using the MS-EVEN RPC protocol and antivirus-assisted coercion. Evilent is a PoC tool that triggers the ElfrOpenBELW procedure in the MS-EVEN RPC interface (used for Windows Event...

The post Evilent PoC Exposes Windows Event Log Vulnerability, Leaking NetNTLMv2 Credentials via SMB Share appeared first on Penetration Testing Tools.

What if defenders could prepare for new vulnerabilities before they’re disclosed? GreyNoise’s latest research reveals that spikes in attacker activity often precede the disclosure of new CVEs — typically within six weeks. These findings shed light on a narrow but reliable early warning signal, giving security teams a critical window to harden defenses, monitor closely, and act ahead of emerging threats.

Close the speed gap in your security. GreyNoise unveils new real-time dynamic blocklists, push-based threat intelligence feeds, and SOAR integrations to help defenders detect, block, and respond to automated attacks faster than ever.

让地下环隧管理系统安全、稳定、高速运行。

Cybersecurity experts have identified more than a dozen critical vulnerabilities within the Niagara Framework—a platform developed by Tridium, a subsidiary of Honeywell. This technology is extensively deployed in the automation and management of smart...

The post Critical Flaws (CVSS 9.8) in Honeywell’s Niagara Framework Expose Smart Buildings & Industrial Systems to Root Access appeared first on Penetration Testing Tools.

A vulnerability was found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal. This vulnerability is known as CVE-2025-54438. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052. Affected is an unknown function. The manipulation leads to unrestricted upload. This vulnerability is traded as CVE-2025-54440. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2025-54444. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052. This affects an unknown part. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2025-54439. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052 and classified as critical. This issue affects some unknown processing. The manipulation leads to unrestricted upload. The identification of this vulnerability is CVE-2025-54442. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. This vulnerability is known as CVE-2025-8179. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in code-projects Exam Form Submission 1.0. This issue affects some unknown processing of the file /admin/update_s3.php. The manipulation of the argument credits leads to sql injection. The identification of this vulnerability is CVE-2025-8249. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Samsung Electronics MagicINFO 9 Server 21.1050/21.1052 and classified as critical. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. This vulnerability was named CVE-2025-54441. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Lakeside SyStrack. This issue affects some unknown processing of the file LsiAgent.exe of the component Environment Variable Handler. The manipulation of the argument SYSTEM PATH leads to uncontrolled search path. The identification of this vulnerability is CVE-2025-6241. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A critical vulnerability has been discovered in Google’s newly released command-line interface tool, Gemini CLI, which could allow attackers to covertly execute malicious commands and exfiltrate data from developers’ machines—provided certain commands are permitted...

The post Critical Gemini CLI Flaw: Google’s AI Tool Allowed Silent Code Execution via Prompt Injection appeared first on Penetration Testing Tools.

Google wants to shorten delays in the vulnerability lifecycle by sharing limited details about newly discovered defects within a week of reporting to the affected vendor.

The post Project Zero disclosure policy change puts vendors on early notice appeared first on CyberScoop.

In mid-July, cybersecurity experts at Kaspersky Lab reported a widespread campaign targeting on-premises Microsoft SharePoint servers across the globe. The exploit chain, dubbed ToolShell, enables attackers to gain full control over vulnerable systems by...

The post ToolShell: Microsoft SharePoint Zero-Day Chain Actively Exploited Globally – Auth Bypass & RCE Confirmed appeared first on Penetration Testing Tools.

本期周报简介：1、如何利用syslog日志有效还原网络流量以供NTA分析？在私有云环境，有哪些方法能提高流量还原的准确性与完整性？ 2、通过互联网向外部合作公司开放SFTP服务时，除了设置IP白名单和登录验证，还应采取哪些额外的安全措施？