Aggregator

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.10.140/5.15.64/5.19.6. Affected is the function smc_fback_replace_callbacks in the library lib/refcount.c. Executing manipulation of the argument sk_user_data can lead to improper update of reference count. This vulnerability is handled as CVE-2022-49979. The attack can only be done within the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.19.6 and classified as critical. This impacts the function pvr_probe of the component media. The manipulation leads to memory leak. This vulnerability is traded as CVE-2022-49982. Access to the local network is required for this attack to succeed. There is no exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 4.19.257/5.4.212/5.10.142/5.15.67/5.19.6 and classified as problematic. This issue affects the function acpi_find_last_cache_level of the component arm64. Such manipulation leads to insufficient verification of data authenticity. This vulnerability is uniquely identified as CVE-2022-49964. The attack can only be initiated within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.19.7. The impacted element is the function vc_do_resize of the component vt. Performing manipulation results in out-of-bounds read. This vulnerability is reported as CVE-2022-49948. The attacker must have access to the local network to execute the attack. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.19.7. Affected by this vulnerability is the function mark_chain_precision of the component bpf. Executing manipulation can lead to unchecked return value. This vulnerability appears as CVE-2022-49961. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.

Cybersecurity firm Wordfence has uncovered a renewed wave of mass exploitation targeting critical vulnerabilities in two popular WordPress plugins, allowing unauthenticated attackers to install malicious software and potentially seize control of websites. The flaws, first disclosed in late 2024, affect GutenKit and Hunk Companion plugins, which boast over 40,000 and 8,000 active installations respectively. Despite […]

The post Hackers Exploit WordPress Arbitrary Installation Vulnerabilities in the Wild appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as problematic has been found in SourceCodester Food Ordering System 2.0. This affects an unknown part of the file /fos/admin/ajax.php of the component PHP File Handler. This manipulation causes unrestricted upload. The identification of this vulnerability is CVE-2023-24646. The attack needs to be done within the local network. There is no exploit available.

A vulnerability, which was classified as critical, has been found in SourceCodester Food Ordering System 2.0. This affects an unknown function of the component Parameter Handler. This manipulation of the argument email causes sql injection. This vulnerability is handled as CVE-2023-24647. The attack can only be done within the local network. There is not any exploit available.

A vulnerability was found in SourceCodester Judging Management System 1.0 and classified as critical. This affects an unknown function of the file /php-jms/updateBlankTxtview.php. Such manipulation of the argument sid leads to sql injection. This vulnerability is documented as CVE-2023-24643. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability has been found in SourceCodester Judging Management System 1.0 and classified as critical. The impacted element is an unknown function of the file /php-jms/updateTxtview.php. This manipulation of the argument sid causes sql injection. This vulnerability is registered as CVE-2023-24642. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability, which was classified as critical, was found in SourceCodester Judging Management System 1.0. The affected element is an unknown function of the file /php-jms/updateview.php. The manipulation of the argument sid results in sql injection. This vulnerability is cataloged as CVE-2023-24641. The attack may be launched remotely. Furthermore, there is an exploit available.

之前写过一篇简单的open_basedir绕过，其实没有想到在高版本下的php也会存在这个漏洞，于是再来看看有什么好玩的地方

SunshineCTF 2025 Web 题解

大华智慧园区综合管理平台审计

用友U8Cloud < 20250924补丁版本 NCCloudGatewayServlet 命令执行漏洞

前言2025-09-24 用友又又又发布了一个漏洞 关于U8cloud所有版本NCCloudGatewayServlet接口存在命令执行漏洞的安全公告 这次又是全版本的漏洞但是，我觉得这也可以是文件上传漏洞，往下看吧。https://security.yonyou.com/#/noticeInfo?id=736来来来现热乎的，我们先去分析一波看，官方说的升级补丁升级补丁<U8CLOUD系统

开放签电子签章系统审计

H2O-3≤V3.46.0.8中ImportSQLTable因正则校验不严，导致JDBC URL绕过引发反序列化漏洞。

本次审计对 Tmall_demo（一个基于 SpringBoot + MyBatis 的仿天猫商城系统）进行了安全评估，发现了多处高危安全漏洞，包括​​鉴权绕过、SQL注入、存储型XSS、任意文件上传​​等

鉴权分析：鉴权主要是ExtensionlessUrlHandler 和JHSoft.Log.HttpModuleExtensionlessUrlHandler ASP.NET 中的一个 HTTP 处理程序，主要用于处理无扩展名的 URL。处理无扩展名 URL允许网站使用友好的 URL，而不需要显示文件扩展名：URL 路由支持配合 NET 路由系统，实现 RESTful 风格的 URL：配置方式在