Aggregator

轻装上阵:Javassist聚焦代码审计关键点实践

信息安全知识库
3 weeks 4 days ago
本文链接


《轻装上阵:Javassist聚焦代码审计关键点实践》提出用字节码操作库Javassist突破传统正则与SAST瓶颈,精准提取Spring等框架的路由映射、方法参数与注解语义,自动识别Runtime.exec、ScriptEngine.eval等敏感sink;结合参数签名分析,复现JDBC任意文件写入等CVE,实现无源码、低成本的蓝军快速审计。工具已集成路由提取、sink定位、参数校验三大模块,可作为轻量级辅助手段,显著提升代码审计效率。

企业内部的渗透测试自动化探索

信息安全知识库
3 weeks 4 days ago
本文链接


《企业内部的渗透测试自动化探索》由平安科技廖汇铭分享,提出“API 资产中心 → 标准化用例 → AI 漏洞研判”三位一体自动化平台:通过流量镜像、语义打标、路径折叠去重,5 分钟完成 10 万级 API 分类(准确率 92-95%);基于标签自动生成水平越权、SQL 注入、支付绕过等 200+ 标准化用例,分布式执行器 1 小时完成千接口测试;AI 研判智能体引入正向-反向双提示与证据链校验,越权误报降低 80%,整体自动化覆盖率 45.9%,漏洞发现占比 38.3%,实现渗透测试从“手工经验”到“可持续工程体系”的跃迁。

攻击者视角下的业务智能体渗透

信息安全知识库
3 weeks 4 days ago
本文链接


《攻击者视角下的业务智能体渗透》由平安Hamber团队出品,聚焦大模型与智能体在金融科技场景中的新型攻击面。报告系统梳理提示词注入、工具滥用、身份伪装、MCP越权、知识库污染、XSS/SSRF/命令执行等10+实战手法,演示如何通过一次“查薪资”诱导智能体泄露他人工资、伪造token调用未公开接口、上传恶意MCP插件横向移动并获取内网shell。作者提出“智能体应用扫描-画像-决策”闭环渗透框架,结合CVE实例与平安众测数据,输出可落地的风险矩阵及加固方案,助力企业从设计、部署到运营全生命周期守护数字员工安全。

CVE-2024-28869 | Traefik up to 2.11.1/3.0.0-rc4 Request Header Content-length exceptional condition (GHSA-4vwx-54mw-vqfw)

Vuldb Updates
3 weeks 4 days ago
A vulnerability classified as problematic was found in Traefik up to 2.11.1/3.0.0-rc4. This vulnerability affects unknown code of the component Request Header Handler. Such manipulation of the argument Content-length leads to handling of exceptional conditions. This vulnerability is uniquely identified as CVE-2024-28869. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.
vuldb.com

CVE-2024-3991 | devitemsllc ShopLentor Plugin up to 2.8.7 on WordPress _id cross site scripting (ID 3080097)

Vuldb Updates
3 weeks 4 days ago
A vulnerability identified as problematic has been detected in devitemsllc ShopLentor Plugin up to 2.8.7 on WordPress. Affected by this issue is some unknown functionality. The manipulation of the argument _id leads to cross site scripting. This vulnerability is documented as CVE-2024-3991. The attack can be initiated remotely. There is not any exploit available. Applying a patch is the recommended action to fix this issue.
vuldb.com

CVE-2025-38733 | Linux Kernel up to 6.12.43/6.16.3/6.17-rc2 relocate_lowcore null pointer dereference (Nessus ID 261644 / WID-SEC-2025-1988)

Vuldb Updates
3 weeks 4 days ago
A vulnerability has been found in Linux Kernel up to 6.12.43/6.16.3/6.17-rc2 and classified as critical. This affects the function relocate_lowcore. The manipulation leads to null pointer dereference. This vulnerability is listed as CVE-2025-38733. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.
vuldb.com

CVE-2025-38734 | Linux Kernel up to 6.6.102/6.12.43/6.16.3/6.17-rc2 net smc_listen_out null pointer dereference (Nessus ID 261597 / WID-SEC-2025-1988)

Vuldb Updates
3 weeks 4 days ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.102/6.12.43/6.16.3/6.17-rc2. This affects the function smc_listen_out of the component net. Performing manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2025-38734. The attack must originate from the local network. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-38737 | Linux Kernel up to 6.12.43/6.16.3/6.17-rc2 smb3_init_transform_rq buffer overflow (Nessus ID 261649 / WID-SEC-2025-1988)

Vuldb Updates
3 weeks 4 days ago
A vulnerability was found in Linux Kernel up to 6.12.43/6.16.3/6.17-rc2. It has been declared as critical. Impacted is the function smb3_init_transform_rq. Executing manipulation can lead to buffer overflow. This vulnerability appears as CVE-2025-38737. The attacker needs to be present on the local network. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-54386 | Traefik up to 2.11.27/3.4.4/3.5.0-rc1 ZIP Archive path traversal (GHSA-q6gg-9f92-r9wg / EUVD-2025-23415)

Vuldb Updates
3 weeks 4 days ago
A vulnerability categorized as critical has been discovered in Traefik up to 2.11.27/3.4.4/3.5.0-rc1. The impacted element is an unknown function of the component ZIP Archive Handler. Such manipulation leads to path traversal. This vulnerability is listed as CVE-2025-54386. The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-2946 | devitemsllc ShopLentor Plugin up to 2.8.4 on WordPress QR Code Widget cross site scripting

Vuldb Updates
3 weeks 4 days ago
A vulnerability was found in devitemsllc ShopLentor Plugin up to 2.8.4 on WordPress. It has been rated as problematic. Affected is an unknown function of the component QR Code Widget. Performing manipulation results in cross site scripting. This vulnerability is reported as CVE-2024-2946. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com

CVE-2025-65957 | Intercore-Productions Core-Bot Configuration SUPABASE_API_KEY/TOKEN information disclosure (GHSA-42j6-x28v-38r8 / CNNVD-202511-2819)

Vuldb Updates
3 weeks 4 days ago
A vulnerability classified as problematic has been found in Intercore-Productions Core-Bot. The impacted element is an unknown function of the component Configuration Handler. Performing manipulation of the argument SUPABASE_API_KEY/TOKEN results in information disclosure. This vulnerability is cataloged as CVE-2025-65957. It is possible to initiate the attack remotely. There is no exploit available. Applying a patch is the recommended action to fix this issue.
vuldb.com

CVE-2025-65963 | humhub cfiles up to 0.16.10/0.17.1 access control (GHSA-rv2x-7qwp-2hf4 / CNNVD-202511-2818)

Vuldb Updates
3 weeks 4 days ago
A vulnerability categorized as critical has been discovered in humhub cfiles up to 0.16.10/0.17.1. Impacted is an unknown function. The manipulation results in improper access controls. This vulnerability was named CVE-2025-65963. The attack may be performed from remote. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

Managed ad