Aggregator
【安全圈】印度出手!多款VPN应用被谷歌苹果下架,Cloudflare也未能幸免
11 months 1 week ago
【安全圈】开源终端工具曝重大安全漏洞,输入信息可能被窃取!
11 months 1 week ago
关键词漏洞近日,知名开源终端模拟器的一项安全问题引发关注:其 SSH 集成功能存在关键漏洞,可能导致用户的输入和输出记录被写入远程主机的 /tmp/framer.txt 文件。更为严重的是,该文件对远
【安全圈】微软 Win11 BitLocker 存在物理接触即可绕过的重大漏洞
11 months 1 week ago
关键词漏洞1月2日,安全专家揭示,微软Windows 11中的BitLocker加密技术存在一个严重漏洞。黑客只需通过一次物理接触,就能将设备置入恢复模式,并通过网络连接,轻松解密Windows 11
【安全圈】印度出手!多款VPN应用被谷歌苹果下架,Cloudflare也未能幸免
11 months 1 week ago
关键词VPN印度推行严苛VPN政策,多款应用遭下架,Cloudflare等海外服务商被波及。2022年9月起,印度计算机应急响应小组(CERT-In)制定的VPN政策正式生效。这一政策对VPN服务商提
美舰挑衅黄岩岛:南海军事紧张局势与中美战略博弈分析
11 months 1 week ago
北约冲突风险升级?俄罗斯军事文件曝光攻击日韩计划
11 months 1 week ago
Rhysida
11 months 1 week ago
cohenido
Guys how does people obtain or make these 'root kits' and also how do they find the hardware compiler file to execute it?
11 months 1 week ago
Qilin
11 months 1 week ago
cohenido
威胁情报与威胁狩猎资源网站汇总
11 months 1 week ago
你想要的都在里面
欢迎加入【看雪课程讲师】团队!分享知识的同时,打造个人IP
11 months 1 week ago
强网杯2024 solve2-apk-赛题解析
11 months 1 week ago
看雪论坛作者ID:Aar0n
欢迎加入【看雪课程讲师】团队!分享知识的同时,打造个人IP
11 months 1 week ago
随着技术的发展,网络攻击、数据泄露等安全威胁也日益严峻,网络安全问题已经成为全球关注的焦点。在这样的背景下,培养和储备优秀的网络安全人才显得尤为迫切。看雪作为网络安全领域的先行者,一直致力于网络安全人
强网杯2024 solve2-apk-赛题解析
11 months 1 week ago
我们首先使用jeb进行分析,搜索关键词success定位到逻辑。外层函数是一个魔改tea,过了前32字节检测才能进入下一个函数进行判断。#include #include
CVE-2024-13140 | Emlog Pro up to 2.4.3 Cover Upload article.php?action=upload_cover image cross site scripting
11 months 1 week ago
A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=upload_cover of the component Cover Upload Handler. The manipulation of the argument image leads to cross site scripting.
This vulnerability is traded as CVE-2024-13140. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-13139 | wangl1989 mysiteforme 1.0 FileController doContent content server-side request forgery
11 months 1 week ago
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request forgery.
The identification of this vulnerability is CVE-2024-13139. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-13138 | wangl1989 mysiteforme 1.0 LocalUploadServiceImpl upload test unrestricted upload
11 months 1 week ago
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl. The manipulation of the argument test leads to unrestricted upload.
This vulnerability was named CVE-2024-13138. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-13137 | wangl1989 mysiteforme 1.0 SiteController RestResponse cross site scripting
11 months 1 week ago
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-13137. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-13136 | wangl1989 mysiteforme 1.0 ShiroConfig.java rememberMeManager deserialization
11 months 1 week ago
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization.
This vulnerability is handled as CVE-2024-13136. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com