Aggregator

富士電機株式会社が提供するV-SFTには、複数の脆弱性が存在します。

Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution. The vulnerabilities in question are listed below - CVE-2025-4427 (CVSS score: 5.3) - An authentication bypass in Ivanti Endpoint Manager Mobile allowing attackers to access protected resources without proper credentials

菲律宾苏比克湾这片曾经见证了无数历史风云的土地，如今再度成为全球军事战略的焦点。美军在这里建设冷战结束以来最

在这个全球制裁密布的时代，有一个国家却似乎总能找到缝隙，用其独特的方式在全球经济版图上“开疆拓土”。这个国家

A vulnerability classified as critical was found in Microsoft Windows 11 24H2/Server 2025. Affected by this vulnerability is an unknown functionality of the component ExecutionContext Driver. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2025-29838. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Microsoft Windows up to Server 2025 and classified as critical. This vulnerability affects unknown code of the component Universal Print Management Service. The manipulation leads to use after free. This vulnerability was named CVE-2025-29841. Attacking locally is a requirement. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows and classified as problematic. This issue affects some unknown processing of the component UrlMon. The manipulation leads to acceptance of extraneous untrusted data with trusted data. The identification of this vulnerability is CVE-2025-29842. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been classified as problematic. Affected is an unknown function of the component Lightweight Directory Access Protocol. The manipulation leads to resource consumption. This vulnerability is traded as CVE-2025-29954. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows 11 24H2/Server 2022 23H2/Server 2025. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Hyper-V. The manipulation leads to denial of service. This vulnerability is known as CVE-2025-29955. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Windows. It has been rated as problematic. Affected by this issue is some unknown functionality of the component SMB. The manipulation leads to buffer over-read. This vulnerability is handled as CVE-2025-29956. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

While hacktivists claimed more than 100 successful attacks against Indian government, education, and military targets, the attacks were overblown in most cases and often did not even happen.

HackerNews 编译，转载请注明出处： 欧盟网络安全局（ENISA）5月13日宣布正式启动新型漏洞数据库计划。该计划被命名为“欧洲漏洞数据库（EUVD）”，此前已进行测试运行，现根据NIS2指令要求正式上线。其功能定位与美国国家漏洞数据库（NVD）类似，旨在为网络防御者提供集中化漏洞信息源。 EUVD将整合来自计算机安全事件响应团队（CSIRT）、供应商及现有数据库（如CISA已知被利用漏洞目录、MITRE CVE计划）的漏洞数据，自动同步至平台。数据库提供三大仪表板： 关键漏洞看板：展示高危漏洞信息 被利用漏洞看板：聚焦已遭攻击的漏洞 欧盟协调漏洞看板：由欧洲CSIRT团队提供支持 每条漏洞记录包含“EUVD”专属标识符，并关联CVE编号、云安全联盟全球安全数据库（GSD）及GitHub安全公告（GHSA）等外部标识。具体数据条目涵盖： 漏洞描述 受影响IT产品/服务及版本 漏洞严重程度与利用方式 CSIRT等机构提供的补丁与缓解指南 ENISA执行主任尤汉·莱帕萨尔表示：“该数据库确保受影响ICT产品用户的信息透明度，将成为查找缓解措施的高效信息来源。”主要用户群体包括公众、网络/信息系统供应商及其客户、私营企业、研究人员及CSIRT等国家机构。 当前网络安全界正关注CVE计划的长期前景——美国CISA近期紧急延长MITRE合同11个月以维持运行。EUVD的推出被视为欧盟构建自主漏洞管理能力的关键举措。     消息来源： infosecurity-magazine； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

CVE-2025-4532 向日葵远程控制程序权限提升漏洞复现与分析

Microsoft’s May 2025 Patch Tuesday has addressed several critical vulnerabilities in Windows Remote Desktop services that could allow attackers to execute malicious code remotely. Security experts are urging users to apply these patches immediately to safeguard their systems against potential exploits. Among the 72 flaws fixed in this month’s security update, two critical Remote Desktop […]

The post Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network appeared first on Cyber Security News.

小程序,抓包,渗透测试

MCP科技城市全景图

这篇文章源于之前做的一个项目，利用mitmproxy构造请求，根据报错信息判断不同的数据库，最后成功判断出是Oracle注入并绕过WAF的经历

HackerNews 编译，转载请注明出处： 美国网络安全与基础设施安全局（CISA）就消息应用TeleMessage的漏洞发出警告。该应用近期因特朗普前国家安全顾问迈克·沃尔茨（Mike Waltz）的使用引发关注——沃尔茨在担任国安顾问期间因两起通信事故陷入争议。 首先是在“信号门”事件中，他误将记者拉入国家安全高层讨论也门军事行动的Signal群聊；随后又被发现使用名为TeleMessage Signal的应用，再度引发安全隐患。这些事件最终导致沃尔茨被解职。 以色列公司TeleMessage（现属美国俄勒冈州Smarsh通信集团）主要为用户提供WhatsApp、Telegram和Signal等即时通讯工具的消息存档服务。在沃尔茨使用该应用曝光后，调查发现其已被美国政府内部采用，且存在严重安全风险。 黑客声称窃取了TeleMessage旗下Signal、WhatsApp、微信和Telegram克隆应用的私聊与群组记录。尽管未获取政府官员消息，但攻击证实TeleMessage存档的聊天日志未加密，可被威胁分子轻易获取。Smarsh公司已暂停所有TeleMessage服务配合调查。 安全研究员Micah Lee分析TeleMessage源代码发现：其定制版Signal应用”TM SGNL”虽宣称支持端到端加密，但实际在应用与消息存档服务器间采用明文传输。这一漏洞（现获CVE编号CVE-2025-47729）使攻击者可获取明文聊天记录，包括加密货币公司Coinbase的Telegram私密对话及数百名海关与边境保护局员工名单。 CISA已将CVE-2025-47729纳入已知被利用漏洞（KEV）目录。美国联邦机构需在21天内修补该漏洞，其他组织也应优先处理。鉴于漏洞存在于服务器端，CISA建议用户停用TeleMessage服务作为主要防护措施。国家漏洞数据库明确指出该漏洞已被在野利用。       消息来源：securityweek； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

HackerNews 编译，转载请注明出处： 软件公司Adobe发布多款产品安全更新，修复至少39个漏洞，并警告存在远程代码执行漏洞利用风险。此次“补丁星期二”的重点是Adobe ColdFusion（冷聚变）的重大更新，解决多个可导致代码执行和权限提升的关键漏洞。 根据安全公告，Adobe ColdFusion修复的7个高危漏洞（CVSS评分9.1）可能引发任意文件读取、代码执行及权限提升攻击。此外： Adobe Photoshop：修复3个可导致代码执行的高危漏洞。 Adobe Illustrator：紧急修补1个关键漏洞。 Adobe Lightroom/Dreamweaver/Connect/InDesign：修复代码执行漏洞，攻击成功可引发拒绝服务。 其他受影响产品包括Adobe Substance 3D Painter、Adobe Bridge和Adobe Dimension，均存在高危漏洞。此次更新与微软安全公告同期发布，后者披露5个在野利用的零日漏洞，涉及脚本引擎和Windows通用日志文件系统驱动（CLFS）。       消息来源：securityweek； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文