Aggregator

A vulnerability was found in PHPGurukul Online Course Registration 3.1. It has been classified as critical. This affects an unknown part of the file /change-password.php. The manipulation leads to session expiration. This vulnerability is uniquely identified as CVE-2025-50485. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in PHPGurukul Car Rental Project 3.0. It has been declared as critical. This vulnerability affects unknown code of the file /update-password.php. The manipulation leads to session expiration. This vulnerability was named CVE-2025-50486. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in MetForm Plugin up to 4.0.1 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument mf-template leads to cross site scripting. This vulnerability is handled as CVE-2025-5684. The attack may be launched remotely. There is no exploit available.

开源项目PakePlus利用用户GitHub令牌自动关注开发者及其项目，并默认Star相关项目。该行为未明确告知用户，引发隐私和安全担忧。此外，PakePlus还被质疑涉嫌抄袭其他开源项目。

A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr/url/vpnPassword/vpnUser leads to buffer overflow. This vulnerability was named CVE-2025-8242. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer overflow. The identification of this vulnerability is CVE-2025-8243. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr leads to buffer overflow. This vulnerability is traded as CVE-2025-8244. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAPVLAN of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is known as CVE-2025-8245. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formRoute of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is handled as CVE-2025-8246. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Student Result Management System 2.0. It has been classified as critical. This affects an unknown part of the file /elms/emp-changepassword.php. The manipulation leads to session expiration. This vulnerability is uniquely identified as CVE-2025-50490. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in PHPGurukul Doctor Appointment Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /doctor/change-password.php. The manipulation leads to session expiration. This vulnerability was named CVE-2025-50493. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in PHPGurukul Car Washing Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /doctor/change-password.php. The manipulation leads to session expiration. The identification of this vulnerability is CVE-2025-50494. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in JetBrains TeamCity. This affects an unknown part of the component Build Settings Handler. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2025-54532. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in JetBrains TeamCity and classified as problematic. This vulnerability affects unknown code of the component Build Setting Handler. The manipulation leads to incorrect authorization. This vulnerability was named CVE-2025-54533. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in JetBrains TeamCity. It has been classified as problematic. Affected is an unknown function of the component Verification Token Handler. The manipulation leads to use of weak hash. This vulnerability is traded as CVE-2025-54535. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.101/5.15.24/5.16.10 and classified as critical. This issue affects some unknown processing of the component Pipe Handler. The manipulation leads to improper initialization. The identification of this vulnerability is CVE-2022-0847. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

文章讨论了错误代码521的原因、解决方法及预防措施。

HackerNews 编译，转载请注明出处： 网络安全公司Darktrace在2025年4月的事件响应中发现，攻击者利用SAP NetWeaver高危漏洞CVE-2025-31324，对美国某化工企业部署Linux后门病毒Auto-Color。调查显示该恶意软件已升级新型规避技术。 此次攻击始于4月25日，活跃利用发生在27日，攻击者向目标设备植入ELF可执行文件。Auto-Color最初由Palo Alto Networks Unit 42团队于2025年2月记录，其具备高隐蔽性且难以根除。该后门根据运行权限动态调整行为模式，通过劫持”ld.so.preload”实现共享库注入式持久化驻留。 Auto-Color具备任意命令执行、文件篡改、反向shell远程控制、流量代理转发及动态配置更新能力，其根模块可隐藏恶意活动痕迹。Unit 42此前未能确定该病毒针对北美和亚洲政府及高校的初始感染途径。 Darktrace最新研究证实，攻击者通过NetWeaver漏洞实现未授权上传恶意二进制文件并执行远程代码。SAP已于2025年4月发布补丁，但ReliaQuest、Onapsis等机构监测到漏洞修复数日后即出现大规模利用尝试。 除初始攻击途径外，Darktrace还发现Auto-Color新增规避机制：当无法连接硬编码C2服务器时，恶意程序将抑制多数恶意行为。在沙箱或隔离环境中，该特性使病毒呈现良性特征。”若C2服务器不可达，Auto-Color会暂停完整恶意功能加载，使分析人员误判其无害性，”Darktrace解释称，”该机制有效阻碍逆向工程人员揭露其载荷、凭证窃取及持久化技术”。此特性在原Unit 42披露的权限感知逻辑、无害文件名伪装、libc函数劫持、伪造日志目录等技术基础上再次升级。 鉴于Auto-Color正积极利用该漏洞，管理员需立即应用SAP客户公告中的安全更新或缓解措施。       消息来源：bleepingcomputer； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

文章介绍了错误代码521的原因及解决方法。该错误通常由网络连接问题或服务器配置错误引起。常见原因是ISP设置不当或防火墙限制。解决方法包括检查网络连接、重启路由器、清除缓存、联系ISP或调整防火墙设置以恢复正常访问。

HackerNews 编译，转载请注明出处： 固件安全与供应链风险管理公司 Binarly 周二报告称，联想设备受到多个漏洞影响，其中一些漏洞可能允许攻击者在目标系统上部署持久性植入程序。 Binarly 在联想一体台式机中发现了总共六个漏洞，具体存在于系统管理模式（SMM）中，这是一种用于低级系统管理的操作模式。 由于 SMM 在操作系统加载之前启动，并且在重新安装系统后仍然存在，因此对于试图绕过安全启动（旨在确保启动时仅加载可信软件的安全功能）并部署隐蔽恶意软件的威胁行为者来说，它可能是一个理想目标。 这些漏洞已被分配 CVE 标识符，从 CVE-2025-4421 到 CVE-2025-4426。其中四个被评为 “高严重性”，其余则被归类为 “中严重性”。 高严重性漏洞属于内存损坏问题，可能导致在 SMM 中发生权限提升和任意代码执行。中严重性漏洞可能导致信息泄露和安全机制被绕过。 能够接触到目标联想设备的威胁行为者可利用这些漏洞绕过 SPI 闪存保护措施和安全启动，部署能在操作系统重新安装后仍然存在的植入程序，甚至破坏虚拟机监控程序隔离。 Binarly 于 4 月向联想报告了这些漏洞，厂商在 6 月确认了相关发现。目前，联想已提供补丁和缓解措施。 联想和 Binarly 均将于周二发布描述这些漏洞的安全公告。       消息来源：securityweek； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文