Aggregator

Ladon：内存加载渗透扫描器（无需落地）

Ladon 是一款多功能的渗透测试工具，旨在帮助安全专业人员完成渗透测试的各个阶段，从信

Red Hat security advisory (AV25-304)

АСУ ТП по-новому: защищённая автоматизация уже в разработке.

Alleged sale of Admin access of beta[.gouv[.fr, Government Email Breach for $10

A new malware campaign targeting Windows and Linux systems has been identified, deploying tools for evasion and credential theft

The "Russian Market" cybercrime marketplace has emerged as one of the most popular platforms for buying and selling credentials stolen by information stealer malware. [...]

A vulnerability classified as problematic was found in HPE StoreOnce Software up to 4.3.10. This vulnerability affects unknown code. The manipulation leads to path traversal. This vulnerability was named CVE-2025-37095. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A recently disclosed vulnerability in IBM InfoSphere DataStage, tracked as CVE-2025-1499, has raised concerns across the enterprise data management sector. The flaw centers on the cleartext storage of sensitive credential information, potentially exposing database authentication details to authenticated users. Below, we break down the technical aspects, impact, and available remediation for this issue. ClearText Storage […]

The post IBM DataStage Bug Exposes Database Credentials in Plain Tex appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as problematic has been found in wpForo Plugin up to 3.1.3 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-4224. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in HPE StoreOnce Software up to 4.3.10. It has been rated as very critical. Affected by this issue is some unknown functionality. The manipulation leads to improper authentication. This vulnerability is handled as CVE-2025-37093. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in HPE StoreOnce Software up to 4.3.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal. This vulnerability is known as CVE-2025-37094. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in HPE StoreOnce Software up to 4.3.10. It has been classified as critical. Affected is an unknown function. The manipulation leads to command injection. This vulnerability is traded as CVE-2025-37092. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Freeguppy GuppY 4.5.18. It has been rated as critical. Affected by this issue is some unknown functionality of the file newsletter.php. The manipulation of the argument lng leads to sql injection. This vulnerability is handled as CVE-2010-1740. The attack may be launched remotely. Furthermore, there is an exploit available.

Qualcomm has shipped security updates to address three zero-day vulnerabilities that it said have been exploited in limited, targeted attacks in the wild. The flaws in question, which were responsibly disclosed to the company by the Google Android Security team, are listed below - CVE-2025-21479 and CVE-2025-21480 (CVSS score: 8.6) - Two incorrect authorization vulnerabilities in the Graphics

Alleged sale of unauthorized admin access to an unidentified E-Commerce store in Denmark

A vulnerability, which was classified as critical, was found in Sun Solaris 8.0/9.0/10.0. Affected is an unknown function of the component Filesystem. The manipulation leads to improper input validation. This vulnerability is traded as CVE-2007-5462. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in eXtremail 2.1.1. It has been rated as very critical. This issue affects the function memmove. The manipulation leads to numeric error. The identification of this vulnerability is CVE-2007-5467. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in IBM WebSphere Application Server 5.x/6.x. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to Remote Code Execution. This vulnerability is known as CVE-2007-5483. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Ext2 Filesystems Utilities e2fsprogs. It has been rated as critical. This issue affects some unknown processing of the component Filesystem. The manipulation leads to numeric error. The identification of this vulnerability is CVE-2007-5497. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Opera Web Browser up to 9.x. This vulnerability affects unknown code of the component Frame Handler. The manipulation leads to improper input validation. This vulnerability was named CVE-2007-5540. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.