Aggregator

CVE-2023-4042 | Artifex Ghostscript on Red Hat Incomplete Fix CVE-2020-16305 out-of-bounds write (RHSA-2021:1852 / EUVD-2023-53934)

2 months 2 weeks ago

A vulnerability classified as problematic has been found in Artifex Ghostscript on Red Hat. This affects an unknown part of the component Incomplete Fix CVE-2020-16305. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2023-4042. An attack has to be approached locally. There is no exploit available.

vuldb.com

CVE-2023-4428 | Google Chrome up to 116.0.5845.96 CSS out-of-bounds (EUVD-2023-54290)

Vuldb Updates

2 months 2 weeks ago

A vulnerability was found in Google Chrome. It has been classified as problematic. Affected is an unknown function of the component CSS. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2023-4428. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-29783 | vLLM up to 0.7.x ZMQ/TCP deserialization (EUVD-2025-6725)

Vuldb Updates

2 months 2 weeks ago

A vulnerability classified as critical was found in vLLM up to 0.7.x. This vulnerability affects unknown code of the component ZMQ/TCP. The manipulation leads to deserialization. This vulnerability was named CVE-2025-29783. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Hack for me

不安全

2 months 2 weeks ago

一个开放的黑客社区，旨在帮助新手成长为专家。鼓励提问、回答和学习，并提供Discord链接供访问。

要做到“实事求是”需要翻过三座大山

不安全

2 months 2 weeks ago

当前环境出现异常，需完成验证后方可继续访问。

burp插件-自动编码绕过尝试

天黑说嘿话

2 months 2 weeks ago

声明：请勿利用文章内的相关技术从事非法测试，如因此产生的一切不良后果与文章作者和本公众号无关。最近内部做安全

burp插件-自动编码绕过尝试

不安全

2 months 2 weeks ago

当前环境出现异常提示，需完成验证后方可继续访问。

Castlevania: Symphony of the Night decompilation project

不安全

2 months 2 weeks ago

.NET 内网攻防实战电子报刊

不安全

2 months 2 weeks ago

当前环境出现异常状态，需完成验证后才能继续访问。

.NET 介绍一种隐蔽的命令执行方式，通过 LINQ 投影执行动态加载

不安全

2 months 2 weeks ago

当前环境异常，需完成验证后才能继续访问。

解密 .NET 身份票据，红队视角还原 Cookies 登录态

不安全

2 months 2 weeks ago

当前环境出现异常状态，需完成验证后才能继续访问。

.NET 介绍一种隐蔽的命令执行方式，通过 LINQ 投影执行动态加载

dotNet安全研究僧

2 months 2 weeks ago

.NET 内网攻防实战电子报刊

dotNet安全研究僧

2 months 2 weeks ago

01.NET内网安全攻防报刊小报童电子报刊【.NET内网安全攻防】也正式上线了，引入小报童也是为了弥补知识星球

解密 .NET 身份票据，红队视角还原 Cookies 登录态

dotNet安全研究僧

2 months 2 weeks ago

Qantas discloses cyberattack amid Scattered Spider aviation breaches

不安全

2 months 2 weeks ago

澳大利亚航空巨头Qantas于11月13日报告称，在威胁行为者入侵一个第三方客户服务平台后检测到一起网络攻击。此次事件导致约600万客户的个人信息被窃取，包括姓名、电子邮件地址、电话号码、出生日期和常旅客号码。幸运的是，信用卡和财务信息未受影响。Qantas已采取措施控制系统，并通知了相关部门。与此同时，网络安全公司警告称，“Scattered Spider”黑客组织近期开始针对航空和运输行业发动攻击。

JVN: コンテック製CONPROSYS HMI System（CHS）における複数の脆弱性

統合版 JPCERT/CC

2 months 2 weeks ago

コンテック製CONPROSYS HMI System（CHS）には、複数の脆弱性が存在します。

Silver Fox Suspected in Taiwanese Campaign Using DeepSeek Lure

darkreading

2 months 2 weeks ago

The attack uses sideloading to deliver a variant of the popular Gh0stRAT malware and lures victims by posing — among other things — as a purported installer for DeepSeek's LLM.

Robert Lemos, Contributing Writer

Qantas discloses cyberattack amid Scattered Spider aviation breaches

Bleeping Computer.

2 months 2 weeks ago

Australian airline Qantas disclosed that it detected a cyberattack on Monday after threat actors gained access to a third-party platform containing customer data. [...]

Lawrence Abrams

基于全网资产台账的一体化攻击面运营管理实践｜证券行业专刊3·安全村

不安全

2 months 2 weeks ago

文章探讨了证券行业在数字化转型中面临的网络与信息安全挑战，并介绍了山西证券通过内外网资产统一监测、攻击面扩展情报实时监测及可视化体系构建，实现全面立体的安全防御体系。文章还详细阐述了攻击面管理的运营策略、资产台账聚合与动态更新、情报驱动治理等方法，并提出了分阶段建设的实施路径。

【重磅回归】EnGarde TTX 2025香港峰会 | 董事会与网络战场的双重考验

安全村SecUN

2 months 2 weeks ago

背景聚焦2025年3月，香港《保护关键基础设施（电脑系统）条例》正式生效，对能源、金融、交通、医疗等八大关键

Aggregator

Managed ad