iPhone
该文章介绍了数字取证科学及其应用范围。数字取证涉及从数字设备中恢复和调查材料,并用于计算机犯罪的归属和事件重建。该领域结合了信息安全原则,并涵盖个人电脑、手机、视频等多种媒体类型。
Aggregator
CVE-2025-7949 | Sanluan PublicCMS up to 5.202506.a preview.html url redirect (Issue 87)
9 months ago
A vulnerability was found in Sanluan PublicCMS up to 5.202506.a. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file publiccms-parent/publiccms/src/main/resources/templates/admin/cmsDiy/preview.html. The manipulation of the argument url leads to open redirect.
This vulnerability is known as CVE-2025-7949. The attack can be launched remotely. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CoinDCX Hacked – $44.2 million Wiped off From the Platform
9 months ago
India’s second-largest cryptocurrency exchange, CoinDCX, confirmed a sophisticated security breach on July 19, 2025, resulting in approximately $44.2 million being stolen from the platform. This incident marks another significant cyberattack on India’s crypto infrastructure, coming exactly one year after the devastating WazirX hack that cost investors $235 million. Key Takeaways1. CoinDCX lost $44.2 million to […]
The post CoinDCX Hacked – $44.2 million Wiped off From the Platform appeared first on Cyber Security News.
Guru Baran
Submit #619358: code-projects Public Chat Room 1.0 Stored XSS [Accepted]
9 months ago
Submit #619358 / VDB-317097
balancelee
Submit #619313: code-projects Public Chat Room 1.0 SQL Injection [Accepted]
9 months ago
Submit #619313 / VDB-317096
balancelee
Приватное стало публичным: пикантные фото из фитнес-приложения попали в открытый доступ
9 months ago
Обещали шифрование, но не спросили даже пароля. Спасибо, Fitify.
Submit #619280: sanluan https://github.com/sanluan/PublicCMS <=V5.202506.a SSRF [Duplicate]
9 months ago
Submit #619280 / VDB-271388
ZAST.AI
Submit #619278: sanluan https://github.com/sanluan/PublicCMS <=V5.202506.a Open Redirect [Accepted]
9 months ago
Submit #619278 / VDB-317095
ZAST.AI
CVE-2025-1469 | Turtek Eyotek prior 11.03.2025 authorization (EUVD-2025-22071)
9 months ago
A vulnerability was found in Turtek Eyotek. It has been classified as problematic. Affected is an unknown function. The manipulation leads to authorization bypass.
This vulnerability is traded as CVE-2025-1469. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-6107 | Canonical MAAS up to 3.1.3/3.2.10/3.3.7/3.4.3/3.5.0 RPC Command improper authentication (EUVD-2024-54803)
9 months ago
A vulnerability was found in Canonical MAAS up to 3.1.3/3.2.10/3.3.7/3.4.3/3.5.0 and classified as critical. This issue affects some unknown processing of the component RPC Command Handler. The manipulation leads to improper authentication.
The identification of this vulnerability is CVE-2024-6107. The attack needs to be approached within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-4570 | ASUS MyASUS hard-coded credentials (EUVD-2025-22064)
9 months ago
A vulnerability has been found in ASUS MyASUS and classified as critical. This vulnerability affects unknown code. The manipulation leads to hard-coded credentials.
This vulnerability was named CVE-2025-4570. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-4569 | ASUS MyASUS hard-coded credentials (EUVD-2025-22065)
9 months ago
A vulnerability, which was classified as critical, was found in ASUS MyASUS. This affects an unknown part. The manipulation leads to hard-coded credentials.
This vulnerability is uniquely identified as CVE-2025-4569. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-4049 | Signum FARA up to 5.0.80.34 SQLite Database hard-coded credentials (EUVD-2025-22066)
9 months ago
A vulnerability, which was classified as critical, has been found in Signum FARA up to 5.0.80.34. Affected by this issue is some unknown functionality of the component SQLite Database. The manipulation leads to hard-coded credentials.
This vulnerability is handled as CVE-2025-4049. The attack needs to be approached locally. There is no exploit available.
vuldb.com
微软希望Windows 11用户提交反馈优化系统性能 反馈中心可提交系统日志
9 months ago
微软鼓励Windows 11用户通过反馈中心提交性能问题,并附加系统转储日志以帮助改进。此功能目前仅适用于Windows Insider预览版用户,正式版用户的日志不会被自动收集。
Submit #619183: itsourcecode Insurance Management System V1.0 SQL Injection [Duplicate]
9 months ago
Submit #619183 / VDB-199684
viaiam
HPE Warns of Aruba Hardcoded Credentials Allowing Attackers to Bypass Device Authentication
9 months ago
A critical vulnerability in Hewlett Packard Enterprise (HPE) Aruba Networking Instant On Access Points could allow attackers to bypass device authentication mechanisms completely. The vulnerability, tracked as CVE-2025-37103, stems from hardcoded login credentials embedded within the devices’ software, presenting a severe security risk with a maximum CVSS score of 9.8. Key Takeaways1. HPE Aruba Access […]
The post HPE Warns of Aruba Hardcoded Credentials Allowing Attackers to Bypass Device Authentication appeared first on Cyber Security News.
Guru Baran
英伟达向Linux发布新版显卡驱动程序570.172.08 支持RTX 5050和提高稳定性
9 months ago
英伟达发布适用于Linux系统的稳定版驱动程序570.172.08,提供更好的稳定性和错误修复。新增对RTX5050显卡的支持,并可能包含安全改进。尽管Rowhammer漏洞被曝光,英伟达尚未提供详细信息。
情报每周回顾 2025-07-20
9 months ago
The Cyber Canon, ditching the SOC 2, and the weekly enterprise news - Helen Patton - ESW #416
9 months ago
文章介绍了网络安全领域的名人堂书籍——Cybersecurity Canon及其精选书单,旨在为专业人士提供核心读物;联合创始人Helen Patton分享了Canon的发展历程,并介绍了她的著作《Navigating the Cybersecurity Career Path》;同时讨论了行业观点及企业安全动态。
Cybersecurity Isn’t Just an IT Line Item — It’s a Business Imperative
9 months ago
Cybersecurity officers need to remember that the reality is, most attacks don’t begin with a dramatic break-in… they start with a login.
The post Cybersecurity Isn’t Just an IT Line Item — It’s a Business Imperative appeared first on Security Boulevard.
Almog Apirion