Aggregator

Ruckus IoT Controller 1.7.1.0 - Undocumented Backdoor Account

Car Rental Project 1.0 - Remote Code Execution

ASUS ASMB8 iKVM 1.14.51 - Remote Code Execution (RCE)

KodExplorer 4.52 - Open Redirect

Dell EMC iDRAC7/iDRAC8 2.52.52.52 - Remote Code Execution (RCE)

Smart Manager 8.27.0 - Post-Authenticated SQL Injection

WooCommerce Customers Manager 29.4 - Post-Authenticated SQL Injection

This blog entry details research on emerging ransomware group CrazyHunter, which has launched a sophisticated campaign aimed at Taiwan's essential services.

简化登录流程，提高安全性，便于统一用户管理。

Currently trending CVE - Hype Score: 13 - CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port parameters in a command=telnetSocket request to the /WebInterface/function/ URI.

Currently trending CVE - Hype Score: 15 - Jupyter Remote Desktop Proxy allows you to run a Linux Desktop on a JupyterHub. jupyter-remote-desktop-proxy was meant to rely on UNIX sockets readable only by the current user since version 3.0.0, but when used with TigerVNC, the VNC server started by ...

The EMEA region is a patchwork of diverse markets, industries, and regulatory environments, and it demands a partner-centric approach. That’s why I joined Cloudflare as VP of EMEA Partnerships.

基于DruidDataSourceFactory的一些jdbcAttack。基于BeanFactory。。。。。

A vulnerability, which was classified as problematic, was found in Adobe Experience Manager. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-26034. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in Adobe Experience Manager and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-26035. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Adobe Experience Manager and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-26038. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Adobe Experience Manager. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-26040. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Adobe Experience Manager. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-26041. The attack can be initiated remotely. There is no exploit available.