Aggregator

检测微服务应用中的污点风格漏洞 by ourren

更多最新文章，请访问SecWiki

A vulnerability labeled as critical has been found in PoDoFo 1.1.0-dev. This issue affects the function PdfTokenizer::DetermineDataType of the file src/podofo/main/PdfTokenizer.cpp of the component PDF Dictionary Parser. Executing manipulation can lead to use after free. This vulnerability is handled as CVE-2025-9394. It is possible to launch the attack on the local host. Additionally, an exploit exists. A patch should be applied to remediate this issue.

Submit #632365 / VDB-321227

Submit #632364 / VDB-321227

A vulnerability identified as critical has been detected in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function addStaProfile of the file /goform/addStaProfile. Performing manipulation of the argument profile_name/Ssid/wep_key_1/wep_key_2/wep_key_3/wep_key_4/wep_key_length/wep_default_key/cipher/passphrase results in stack-based buffer overflow. This vulnerability is known as CVE-2025-9393. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability categorized as critical has been discovered in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function qosClassifier of the file /goform/qosClassifier. Such manipulation of the argument dir/sFromPort/sToPort/dFromPort/dToPort/protocol/layer7/dscp/remark_dscp leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-9392. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #631538 / VDB-321226

Submit #631537 / VDB-321225

A vulnerability was found in Bjskzy Zhiyou ERP up to 11.0. It has been rated as critical. Affected by this issue is the function getFieldValue of the component com.artery.workflow.ServiceImpl. This manipulation of the argument sql causes sql injection. This vulnerability appears as CVE-2025-9391. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in vim up to 9.1.1615. It has been declared as critical. Affected by this vulnerability is the function main of the file src/xxd/xxd.c of the component xxd. The manipulation results in buffer overflow. This vulnerability is reported as CVE-2025-9390. The attack requires a local approach. Moreover, an exploit is present. It is recommended to upgrade the affected component.

Submit #631536 / VDB-321224

Submit #630903 / VDB-321223

被裁前在前雇主 IT 系统植入恶意程序和设立关闭开关的开发者 Davis Lu 被判四年监禁以及三年的监督释放。美国司法部称，2018 年 Davis Lu 任职的 Eaton Corporation 进行了重组，他遭到了降级。他随后在公司 Windows 生产环境中植入恶意代码进行报复。该恶意程序包含了一个无限的 Java 线程循环，旨在拖垮服务器，导致生产系统崩溃。Lu 还创建了一个过于明显的关闭开关：IsDLEnabledinAD ("Is Davis Lu enabled in Active Directory") ，当 Active Directory 中他的账户被禁用，关闭开关将会激活禁用所有用户的账户。2019 年 9 月 9 日，Lu 的雇佣关系终止，账户被禁用后关闭开关激活，数千名用户被锁定在系统外。此事导致雇主损失了数十万美元。在 Lu 被要求上缴公司发的笔记本电脑前，他删除了其中的加密数据。调查人员后来从设备上发现了他的搜索查询记录，包括搜寻如何提权，隐藏进程以及快速删除文件。

A vulnerability was found in vim 9.1.0000. It has been classified as problematic. Affected is the function __memmove_avx_unaligned_erms of the file memmove-vec-unaligned-erms.S. The manipulation leads to memory corruption. This vulnerability is documented as CVE-2025-9389. The attack needs to be performed locally. Additionally, an exploit exists. Some users are not able to reproduce this. One of the users mentions that this appears not to be working, "when coloring is turned on".

Submit #630898 / VDB-321222

A vulnerability was found in Scada-LTS up to 2.7.8.1 and classified as problematic. This impacts an unknown function of the file watch_list.shtm. Executing manipulation of the argument Name can lead to cross site scripting. This vulnerability is registered as CVE-2025-9388. It is possible to launch the attack remotely. Furthermore, an exploit is available.

The Federal Trade Commission (FTC) is warning major U.S. tech companies against yielding to foreign government demands that weaken data security, compromise encryption, or impose censorship on their platforms. [...]

A vulnerability has been found in DCN DCME-720 9.1.5.11 and classified as critical. This affects an unknown function of the file /usr/local/www/function/audit/newstatistics/ip_block.php of the component Web Management Backend. Performing manipulation of the argument ip results in os command injection. This vulnerability is cataloged as CVE-2025-9387. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Other products might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #630800 / VDB-321221

Submit #630727 / VDB-321220