Aggregator
CVE-2025-7118 | UTT HiPER 840G up to 3.1.1-190328 /goform/formPictureUrl importpictureurl buffer overflow
11 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in UTT HiPER 840G up to 3.1.1-190328. This issue affects some unknown processing of the file /goform/formPictureUrl. The manipulation of the argument importpictureurl leads to buffer overflow.
The identification of this vulnerability is CVE-2025-7118. The attack may be initiated remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2025-7117 | UTT HiPER 840G up to 3.1.1-190328 /goform/websWhiteList addHostFilter buffer overflow
11 months 2 weeks ago
A vulnerability classified as critical was found in UTT HiPER 840G up to 3.1.1-190328. This vulnerability affects unknown code of the file /goform/websWhiteList. The manipulation of the argument addHostFilter leads to buffer overflow.
This vulnerability was named CVE-2025-7117. The attack can be initiated remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2025-7116 | UTT 进取 750W up to 3.2.2-191225 Fast_wireless_conf ssid buffer overflow
11 months 2 weeks ago
A vulnerability classified as critical has been found in UTT 进取 750W up to 3.2.2-191225. This affects an unknown part of the file /goform/Fast_wireless_conf. The manipulation of the argument ssid leads to buffer overflow.
This vulnerability is uniquely identified as CVE-2025-7116. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
Submit #605875: UTT HiPER 840G <=V3v3.1.1-190328 Buffer Overflow [Accepted]
11 months 2 weeks ago
Submit #605875 / VDB-315029
yuhongxiang
Submit #605864: UTT HiPER 840G <=V3v3.1.1-190328 Buffer Overflow [Accepted]
11 months 2 weeks ago
Submit #605864 / VDB-315028
yuhongxiang
Submit #605862: UTT 进取 750W <=v5v3.2.2-191225 Buffer Overflow [Accepted]
11 months 2 weeks ago
Submit #605862 / VDB-315027
yuhongxiang
SatanLock New Threat Actor
11 months 2 weeks ago
cohenido
SatanLock
11 months 2 weeks ago
cohenido
SatanLock
11 months 2 weeks ago
cohenido
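Roundcube Webmail (CVE-2025-49113): a new perspective on reproducing the post-authentication PHP deserialization RCE
11 months 2 weeks ago
A new perspective on reproducing the CVE-2025-49113 post-authentication PHP deserialization RCE… an interesting case of command execution caused by PHP deserialization object injection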
SatanLock
11 months 2 weeks ago
cohenido
SatanLock
11 months 2 weeks ago
cohenido
Antivirus evasion basics
11 months 2 weeks ago
The shellcode is encoded in XOR and IPv6 form; an antivirus-evasion framework with dynamic API calls
CVE-2004-1619 | Akella Privateers Bounty: Age Of Sail II 1.4.51 Nickname memory corruption (EDB-604 / XFDB-17791)
11 months 2 weeks ago
A vulnerability has been found in Akella Privateers Bounty: Age Of Sail II 1.4.51 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Nickname Handler. The manipulation leads to memory corruption.
This vulnerability is known as CVE-2004-1619. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
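Java code audit: notes on auditing authentication logic errors
11 months 2 weeks ago
Java code audit: notes on auditing authentication logic errors
Custom string hashing algorithms
11 months 2 weeks ago
This article mainly introduces the definition, characteristics and use cases of custom string hashing algorithms, and explains two common algorithms in particular detail: ROTR32 and CRC32.
Exploring how XSS filters are bypassed, through two DOMPurify bypasses
11 months 2 weeks ago
In web development, the need to inject user-supplied HTML is widespread, but the process carries significant security risk, and cross-site scripting (XSS) in particular must be guarded against. Although the industry has mature XSS filters (such as DOMPurify), their misconfiguration or flaws in their mechanisms can still be exploited. This article focuses on cutting-edge attack techniques such as namespace confusion, mXSS (mutation XSS) and DOM clobbering, and, by working through the basic concepts and real-world cases, reveals the core principles behind two DOMPurify bypasses, with the aim of helping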
RALord
11 months 2 weeks ago
cohenido
Billions of years ago Mars was still fighting for its water. Now scientists know why it lost
11 months 2 weeks ago
Could our mysterious neighbor really be a suicide?