Aggregator
今日更新:虚拟机镜像磁盘解密 | 系统0day安全(第7期)
9 months 2 weeks ago
全方面多纬度介绍关于各类嵌入式设备、网络设备、边界安全设备等漏洞挖掘基础、方法、技巧和思路
CS2 社区惊现直播劫持诈骗,你的 Steam 账号和加密货币还好吗?
9 months 2 weeks ago
CS2社区频遭直播劫持,玩家Steam账号与加密货币安全告急。
Windows10代码还原汇编特征汇总(附NTDLL CreateHeap还原代码)
9 months 2 weeks ago
看雪论坛作者ID:TeddyBe4r
案例分享:默安科技为光伏储能龙头企业筑牢网安防线
9 months 2 weeks ago
破解快速发展中的安全与合规难题
案例分享:默安科技为光伏储能龙头企业筑牢网安防线
9 months 2 weeks ago
破解快速发展中的安全与合规难题
案例分享:默安科技为光伏储能龙头企业筑牢网安防线
9 months 2 weeks ago
破解快速发展中的安全与合规难题
案例分享:默安科技为光伏储能龙头企业筑牢网安防线
9 months 2 weeks ago
破解快速发展中的安全与合规难题
大模型成恐袭“帮凶”!360全流程把控AI内容安全
9 months 2 weeks ago
警惕AI滥用!360给大模型加上安全护栏
漏洞致大模型遭“零元购”?360全方位守护企业AI系统安全
9 months 2 weeks ago
安全客
Дроны больше не спрячутся: в России появилась система перехвата и идентификации БВС
9 months 2 weeks ago
«ЭРА-Глонасс» представила технологию принудительной посадки беспилотников.
【德尔塔面具】更强的隐藏ROOT检测
9 months 2 weeks ago
德尔塔面具(MagiskDelta),是一个开源的第三方 Magisk 框架,基于官方 Magisk 二次修改。
Миллиарды ByBit растворились в сети Lazarus: есть ли шанс их вернуть?
9 months 2 weeks ago
Как Северная Корея совершила крупнейшую кражу в истории криптовалют.
通过ROP实现RCE的一次技术探索之旅
9 months 2 weeks ago
ROP实现RCE:这不是魔法,这是技术的魅力!
通过ROP实现RCE的一次技术探索之旅
9 months 2 weeks ago
ROP实现RCE:这不是魔法,这是技术的魅力!
CVE-2025-1675 | zephyrproject-rtos Zephyr up to 4.0 dns_pack.c dns_copy_qname lb_size out-of-bounds (GHSA-2m84-5hfw-m8v4)
9 months 2 weeks ago
A vulnerability was found in zephyrproject-rtos Zephyr up to 4.0 and classified as problematic. This issue affects the function dns_copy_qname of the file dns_pack.c. The manipulation of the argument lb_size leads to out-of-bounds read.
The identification of this vulnerability is CVE-2025-1675. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-1063 | techlabpro1 Classified Listing Plugin up to 4.0.4 on WordPress rtcl_taxonomy_settings_export information disclosure
9 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in techlabpro1 Classified Listing Plugin up to 4.0.4 on WordPress. This affects the function rtcl_taxonomy_settings_export. The manipulation leads to information disclosure.
This vulnerability is uniquely identified as CVE-2025-1063. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-1128 | wpeverest Everest Forms Plugin up to 3.0.9.4 on WordPress Path Validation EVF_Form_Fields_Upload format unrestricted upload
9 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in wpeverest Everest Forms Plugin up to 3.0.9.4 on WordPress. Affected by this issue is the function format of the file EVF_Form_Fields_Upload of the component Path Validation Handler. The manipulation leads to unrestricted upload.
This vulnerability is handled as CVE-2025-1128. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-12698 | Red Hat OpenShift Container Platform 4 ose-olm-catalogd-container resource consumption
9 months 2 weeks ago
A vulnerability classified as problematic was found in Red Hat OpenShift Container Platform 4. Affected by this vulnerability is an unknown functionality of the component ose-olm-catalogd-container. The manipulation leads to resource consumption.
This vulnerability is known as CVE-2024-12698. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-11260 | netweblogic Events Manager Plugin up to 6.6.3 on WordPress active_status sql injection
9 months 2 weeks ago
A vulnerability has been found in netweblogic Events Manager Plugin up to 6.6.3 on WordPress and classified as critical. This vulnerability affects unknown code. The manipulation of the argument active_status leads to sql injection.
This vulnerability was named CVE-2024-11260. The attack can be initiated remotely. There is no exploit available.
vuldb.com