Aggregator

Им запретили покупать чипы — они изобрели новые, не похожие ни на что.

A vulnerability has been found in Encaps EncapsGallery 1.11.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file watermark.php. The manipulation of the argument File leads to cross site scripting. This vulnerability is known as CVE-2008-1296. The attack can be launched remotely. Furthermore, there is an exploit available.

遗憾的是，由于依赖包的存在，无法取消发布受陷版本。

旨在增强美国的网络安全，重在修复拜登和奥巴马行政令中的“问题元素”。

On June 6, 2025, the Jenkins Project issued a security advisory (SECURITY-3588 / CVE-2025-5806) affecting the Gatling Plugin, a widely used tool for displaying performance test reports within the Jenkins automation server. The vulnerability carries a high severity rating, with CVSS base scores ranging from 8.0 to 9.0 across different versions, indicating a significant risk […]

The post Jenkins Gatling Plugin Flaw Allows CSP Bypass, Exposing Systems to Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, was found in RT-Thread 5.1.0. Affected is the function sys_recvfrom of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument from leads to memory corruption. This vulnerability is traded as CVE-2025-5869. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability has been found in Shinetheme Traveler Plugin up to 3.1.8 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to deserialization. This vulnerability was named CVE-2025-26873. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/setup.cgi of the component Web Interface. The manipulation leads to improper authentication. This vulnerability is known as CVE-2025-5870. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

本次披露样本与之前披露样本属于同类型样本，但是样本与之前有所差异，是未被披露过的相关样本。该类型样本结构相对复杂，载荷更新也较快，需要引起足够的重视

Так ждёт ли нас столкновение с огромной галактикой в будущем? Или пронесло?

A vulnerability was found in Watchguard Server Center 11.7.4. It has been classified as critical. This affects an unknown part in the library wgpr.dll of the file wlcollector.exe of the component Path Handler. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2013-5701. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

It seems not a day goes by without news of another crypto scam targeting unsuspecting holders. Those owning…

Сбой в 0.0001% айфонов раскрыл масштабную кибератаку.

漏洞分析、脚本生成… 大语言模型如何助力网络安全？这门课告诉你答案！

近期高考考生需警惕诈骗短信，不法分子以“作弊”等为由实施诈骗。

看雪论坛作者ID：SleepAlone

活动时间：6月9日-18日

第一届OpenHarmony CTF专题赛线上赛于06月08日21:00落下帷幕。

A vulnerability classified as critical was found in Apple iCloud up to 6.2.1 on Windows. This vulnerability affects unknown code of the component WebKit. The manipulation leads to memory corruption. This vulnerability was named CVE-2017-7018. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

雷神众测拥有该文章的修改和解释权。如欲转载或传播此文章，必须保证此文章的副本，包括版权声明等全部内容。声明雷神众测允许，不得任意修改或增减此文章内容，不得以任何方式将其用于商业目的。