Aggregator

A vulnerability, which was classified as critical, was found in MaxSite CMS up to 109. This issue affects some unknown processing of the file application/maxsite/admin/plugins/editor_files/save-file-ajax.php. Executing manipulation of the argument file_path/content can lead to unrestricted upload. This vulnerability is handled as CVE-2025-12347. The attack can be executed remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, has been found in MaxSite CMS up to 109. This vulnerability affects unknown code of the file application/maxsite/admin/plugins/auto_post/uploads-require-maxsite.php of the component HTTP Header Handler. Performing manipulation of the argument X-Requested-FileName/X-Requested-FileUpDir results in unrestricted upload. This vulnerability is known as CVE-2025-12346. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

VEH异常调用链控制程序流程原理及分析

根据发表在《自然》期刊上的一项研究，在新冠疫情期间拯救数百万人生命的 mRNA 疫苗可能激活免疫系统识别和杀死癌细胞。研究人员调查了逾千名接受免疫疗法 immune checkpoint inhibitors 的晚期黑色素瘤和肺癌患者，该疗法通过阻断肿瘤细胞制造的用于关闭免疫细胞的蛋白质，让免疫系统能继续杀死癌细胞。研究发现，接受免疫治疗 100 天内接种辉瑞或 Moderna mRNA 新冠疫苗的患者，三年后存活的可能性是未接种任何一种疫苗的患者的两倍多。通常对免疫疗法反应不佳的肿瘤患者也效果显著，三年总生存率提高了近五倍。研究人员进一步调查发现，新冠 mRNA 疫苗就像警钟，触发人体免疫系统识别和杀死癌细胞，遏制癌症关闭免疫细胞的能力。组合使用疫苗和 immune checkpoint inhibitors，它们能协同释放免疫系统的全部力量杀死癌细胞。

Submit #674552 / VDB-330137

Submit #674551 / VDB-330136

Стартап Castelion обещает «взломать» гонку вооружений.

本文分析Tenda AC6固件中CVE-2025-25343缓冲区溢出漏洞，详述qemu模拟环境搭建、漏洞挖掘及利用过程。

继CVE-30065和46762之后升级到Apache Parquet 1.15.2版本，如果存在"specific" 或 "reflect" 模型读取Parquet 文件的代码，仍然存在危险。

唯一一个困难pwn题，难是真难，为期2天的比赛总共只有11只队伍解出，该题是glibc-2.41下的题目，总共3个难点：如何绕过图像校验？如何在受限情况下进行堆利用？受限情况下如何劫持执行流？对于前半，本文将介绍完整的深入分析复杂流程的过程，对于后半，本文将结合glibc2.41源码来介绍fastbin+tcachebin的组合利用技巧，和exit中攻击向量。

某数据泄露防护系统审计，重在思路分享。

A vulnerability classified as problematic was found in SuiteCRM 7.14.1. This affects an unknown part of the component HTTP Header Handler. Such manipulation of the argument Referer leads to cross site scripting. This vulnerability is traded as CVE-2025-41384. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in OpenVPN Access Server up to 2.14.3. Affected by this issue is some unknown functionality of the component SAML Authentication Module. This manipulation of the argument RelayState causes cross site scripting. This vulnerability appears as CVE-2025-50055. The attack may be initiated remotely. There is no available exploit.

A vulnerability described as problematic has been identified in Zoho ManageEngine ManageEngine Endpoint Central. Affected by this vulnerability is an unknown functionality. The manipulation results in sensitive information in log files. This vulnerability is reported as CVE-2025-11248. The attack requires a local approach. No exploit exists. Upgrading the affected component is recommended.

A vulnerability marked as critical has been reported in eTimeTrackLite Web up to 12.0. Affected is an unknown function. The manipulation leads to permission issues. This vulnerability is documented as CVE-2025-60291. The attack requires being on the local network. There is not any exploit available.

本文介绍了 PTE Hook 的原理与实现过程，先从 x64 架构下虚拟地址到物理地址的寻址机制、页表自映射原理讲起，解释了如何通过构造虚拟地址直接访问并修改 PTE。随后分析了传统 inlineHook 的全局性缺陷及其被 PatchGuard 检测的风险，提出通过伪造页表、隔离进程页表、关闭 G 位等手段实现进程级的 Hook，从而规避全局影响。最后结合代码示例展示了 PTE Hook 的实战