Aggregator

A vulnerability classified as critical was found in Form Maker 3.6.12 on Joomla. Affected by this vulnerability is an unknown functionality. The manipulation as part of Parameter leads to sql injection. This vulnerability is known as CVE-2018-5991. The attack can be launched remotely. Furthermore, there is an exploit available.

SentinelLABS, a sophisticated reconnaissance operation targeting SentinelOne, a leading cybersecurity vendor, has been detailed as part of a broader espionage campaign linked to China-nexus threat actors. Tracked under the activity clusters PurpleHaze and ShadowPad, these operations spanned from July 2024 to March 2025, affecting over 70 organizations worldwide across sectors like government, media, manufacturing, finance, […]

The post New Report Reveals Chinese Hackers Attempted to Breach SentinelOne Servers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Всё ещё думаешь, что отвечаешь за свои поступки? Зря.

SentinelLABS uncovers widespread China-linked cyber espionage targeting over 70 global organizations and cybersecurity firms between July 2024 and…

Китай приоткрыл дверь в большой интернет.

Sensata Technologies is warning former and current employees it suffered a data breach after concluding an investigation into an April ransomware attack. [...]

A vulnerability, which was classified as critical, has been found in link files 2007.05.10. Affected by this issue is some unknown functionality. The manipulation leads to link following. This vulnerability is handled as CVE-2010-4226. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in GNU C Library 2.29/2.30/2.31/2.32/2.33. This issue affects some unknown processing of the file netgroupcache.c of the component nscd. The manipulation leads to double free. The identification of this vulnerability is CVE-2021-27645. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in cURL and libcURL up to 7.75.0 and classified as problematic. This issue affects some unknown processing of the component Referer Handler. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2021-22876. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in cURL and libcURL up to 7.75.0. Affected is an unknown function of the component TLS 1.3 Handshake Handler. The manipulation leads to improper certificate validation. This vulnerability is traded as CVE-2021-22890. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in GNU cpio up to 2.13. Affected is the function ds_fgetstr of the file dstring.c of the component Pattern File Handler. The manipulation leads to integer overflow. This vulnerability is traded as CVE-2021-38185. The attack needs to be approached within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in libcurl up to 7.73.0/7.78.0. Affected by this issue is some unknown functionality of the component MQTT Handler. The manipulation leads to double free. This vulnerability is handled as CVE-2021-22945. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Apple macOS. Affected is an unknown function of the component curl. The manipulation leads to double free. This vulnerability is traded as CVE-2021-22945. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in logrotate up to 3.19.x. It has been classified as critical. This affects an unknown part. The manipulation leads to incorrect permission assignment. This vulnerability is uniquely identified as CVE-2022-1348. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in GNU glibc. This vulnerability affects the function realpath of the file canonicalize.c. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2021-3998. The attack can only be initiated within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in libcurl. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Connection Pool Handler. The manipulation leads to improper certificate validation. This vulnerability is known as CVE-2021-22924. The attack can be launched remotely. There is no exploit available.

在逮捕梅泰族（Meithei）领导人引发民众暴力抗议之后，印度 Manipur 邦实行宵禁并切断互联网访问。Netblocks 的网络监测确认了网络接入的中断。警方周日逮捕了梅泰族激进武装组织 Arambai Tenggol 的五名领导人，包括首领 Asem Kanan Singh。自 2023 年以来，Manipur 邦人口占多数的梅泰族和人口占少数的库基族（Kuki）为争夺土地和影响力而发生种族冲突。Arambai Tenggol 有相当大的影响力，获得了梅泰社群的支持。Singh 等人被捕引发了民众抗议，抗议者冲进了一个警察哨所，放火焚烧了一辆公共汽车，并封锁了部分路段。在暴力事件之后，Manipur 邦宣布切断互联网以及移动数据服务五天。

如果提前了解了你所要面对的人生，你是否还会有勇气前来

Untangle: 多层 Web 服务器指纹识别 by ourren

更多最新文章，请访问SecWiki

A vulnerability, which was classified as problematic, has been found in Bagisto 2.2.2. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument Query leads to cross site scripting. This vulnerability is handled as CVE-2025-40675. The attack may be launched remotely. There is no exploit available.