Aggregator

A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /xray_form.php. The manipulation of the argument itr_no leads to sql injection. This vulnerability was named CVE-2025-7754. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was suspected in Node.js up to 20.18.1/22.13.0/23.6.0. This issue was flagged as a false-positive. Please consult the sources mentioned and consider not using this entry at all.

一种名为"Scanception"的复杂钓鱼攻击通过在PDF附件中嵌入QR码窃取用户凭证。该攻击利用多阶段策略和规避技术绕过安全检测，并结合社会工程学手段诱导受害者提供敏感信息和多因素认证数据。

这篇文章回顾了2024年Godot引擎及其社区的发展与成就，包括游戏jam提交量创新高、基金会团队扩大、行业奖项认可、技术更新（如2D物理插值、3D物理插值等）、跨平台支持扩展以及社区活动亮点。文章还介绍了Godot 4.3和4.4版本的技术改进，并感谢了社区贡献者和用户的支持。

TSforge 工具可免费为个人用户提供 3 年 Windows 10 ESU 扩展安全更新服务。该工具通过模拟企业版 ESU 实现无需付费或积分兑换的操作流程简便支持 Windows 10 用户持续获得安全更新直至 2025 年 10 月后转为 ESU 渠道推送补丁。

Name: HITCON Cyber Range 2025 Quals (an HITCON Cyber Range event.)
Date: July 18, 2025, 2 a.m. — 18 July 2025, 15:59 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://hitcon.kktix.cc/events/hitcon-cyberrange-2025
Rating weight: 0.00
Event organizers: HITCON

CrushFTP软件发现零日漏洞CVE-2025-54309，允许攻击者获取管理员权限。该漏洞于7月18日被发现并被积极利用。攻击者可能通过逆向工程发现此漏洞，并已野外利用两次。CrushFTP已发布修复版本10.8.5和11.3.4_23以解决此问题。

A critical zero-day flaw in CrushFTP that can grant attackers administrator access was discovered on July 18 and is under active exploitation.

Background

On July 18, CrushFTP published an update to its CrushWiki detailing the discovery and exploitation of a zero-day in its CrushFTP software:

CVEDescriptionCVSSv3CVE-2025-54309CrushFTP Unprotected Alternate Channel Vulnerability9.0

Tenable’s Research Special Operations (RSO) team is monitoring for any further developments surrounding CVE-2025-54309. We have classified it as a Vulnerability of Interest (VOI).

Analysis

CVE-2025-54309 is an unprotected alternate channel vulnerability in CrushFTP. The vulnerability exists because of a mishandling of validation in Applicability Statement 2 (AS2), a protocol for transporting critical data. A remote, unauthenticated attacker could exploit this vulnerability to obtain administrative access through CrushFTP.

Zero-day exploitation detected on July 18, 2025

According to CrushFTP, CVE-2025-54309 was first discovered as being exploited as a zero-day by unknown threat actors on July 18 at 9AM CST. However, they caution that exploitation may have “been going on for longer.”

CrushFTP says attackers reviewed recent patch to uncover zero-day

In addition to confirming exploitation of this flaw, CrushFTP says that attackers appear to have discovered it after reverse engineering its code to discover a bug that is fixed in the latest versions of its software.

Historical exploitation of CrushFTP

Since 2024, there have been two vulnerabilities exploited in the wild against CrushFTP. CVE-2024-4040, a sandbox escape flaw in CrushFTP’s virtual file system (VFS) sandbox, was exploited against multiple U.S. entities.

In May 2025, CVE-2025-31161, a critical authentication bypass vulnerability in CrushFTP, first identified as CVE-2025-2825 and subsequently rejected, was exploited in the wild after it was publicly disclosed.

Proof of concept

At the time this blog post was published, there was no proof-of-concept (PoC) for CVE-2025-54309.

Solution

The following are the affected and fixed versions of CrushFTP:

Affected VersionsFixed Versions10.8.4 and below10.8.511.3.4_22 and below11.3.4_23

Additionally, CrushFTP included some indicators of compromise (IOCs) and mitigation techniques in its Crush11Wiki update on July 18.

As a reminder, CrushFTP will stop supporting CrushFTP v10 in March 2026.

Identifying affected systems

A list of Tenable plugins for this vulnerability can be found on the individual CVE page for CVE-2025-54309 as they’re released. This link will display all available plugins for this vulnerability, including upcoming plugins in our Plugins Pipeline.

Get more information

• CrushFTP Crush11Wiki: Compromise July 2025 - CVE-2025-54309

Join Tenable's Research Special Operations (RSO) Team on the Tenable Community.
Learn more about Tenable One, the Exposure Management Platform for the modern attack surface.

当前环境异常，需完成验证后继续访问。

比亚迪将赞助中国足协中国之队，5 年 7500 万元；Meta 又从苹果挖来两名 AI 研究人员；理想 i8 发布会地址与小米 YU7 相同，向小米 YU7 致敬

当前环境出现异常，需完成验证后才能继续访问。

lockc lockc is open source software for providing MAC (Mandatory Access Control) type of security audit for container workloads. The main reason why lockc exists is that containers do not contain. Containers are not as secure and isolated...

The post lockc: Making containers more secure with eBPF and Linux Security Modules appeared first on Penetration Testing Tools.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.96/6.6.36/6.9.7 on Spectrum. Affected is an unknown function of the component spectrum_buffers. The manipulation of the argument port_page leads to use after free. This vulnerability is traded as CVE-2024-42073. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.9.7. Affected is an unknown function of the component nf_tables. The manipulation leads to memory leak. This vulnerability is traded as CVE-2024-42070. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.36/6.6.37/6.9.7. It has been classified as problematic. Affected is the function set_memory_rox of the component bpf. The manipulation leads to unchecked return value. This vulnerability is traded as CVE-2024-42067. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.9.7 and classified as problematic. Affected by this issue is some unknown functionality of the component xe. The manipulation leads to integer overflow. This vulnerability is handled as CVE-2024-42066. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.36/6.9.7. It has been classified as critical. This affects the function auxiliary_device_add of the component mana. The manipulation leads to double free. This vulnerability is uniquely identified as CVE-2024-42069. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.9.7. It has been declared as problematic. This vulnerability affects the function cxacru_bind of the file drivers/usb/core/urb.c of the component usb. The manipulation leads to privilege escalation. This vulnerability was named CVE-2024-41097. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.9.7 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component AMD Display. The manipulation leads to denial of service. This vulnerability is known as CVE-2024-42064. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.