Aggregator

CVE-2025-30741 | Pixelfed up to 0.12.4 Private Post authorization

3 months 1 week ago

A vulnerability was found in Pixelfed up to 0.12.4. It has been declared as problematic. This vulnerability affects unknown code of the component Private Post Handler. The manipulation leads to incorrect authorization. This vulnerability was named CVE-2025-30741. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-27837 | Artifex Ghostscript up to 10.04.0 UTF-8 Character base/gp_mswin.c Remote Code Execution

VulDB Recent Entries

3 months 1 week ago

A vulnerability was found in Artifex Ghostscript. It has been classified as critical. This affects an unknown part of the file base/gp_mswin.c of the component UTF-8 Character Handler. The manipulation leads to Remote Code Execution. This vulnerability is uniquely identified as CVE-2025-27837. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

cloudpeass: Cloud Privilege Escalation Awesome Script Suite

Penetration Testing Tools - Metepreter.org

3 months 1 week ago

Cloud Privilege Escalation Awesome Script Suite The current goal of Cloud PEASS is simple: Once you manage to get some credentials to access Azure, GCP or AWS, use different techniques to get the permissions the principal has and highlight...

The post cloudpeass: Cloud Privilege Escalation Awesome Script Suite appeared first on Penetration Testing Tools.

ddos

漏洞预警 | Next.js 中间件鉴权绕过漏洞 (CVE-2025-29927)

Beacon Tower Lab

3 months 1 week ago

漏洞预警 | Next.js 中间件鉴权绕过漏洞 (CVE-2025-29927)

Beacon Tower Lab

3 months 1 week ago

漏洞预警 | Next.js 中间件鉴权绕过漏洞 (CVE-2025-29927)

Beacon Tower Lab

3 months 1 week ago

漏洞预警 | Next.js 中间件鉴权绕过漏洞 (CVE-2025-29927)

Beacon Tower Lab

3 months 1 week ago

漏洞预警 | Next.js 中间件鉴权绕过漏洞 (CVE-2025-29927)

Beacon Tower Lab

3 months 1 week ago

漏洞预警 | Next.js 中间件鉴权绕过漏洞 (CVE-2025-29927)

Beacon Tower Lab

3 months 1 week ago

漏洞预警 | Next.js 中间件鉴权绕过漏洞 (CVE-2025-29927)

Beacon Tower Lab

3 months 1 week ago

谷歌发布新版 Gemini，横扫各大榜单；苹果订购 10 亿美元英伟达 AI系统；雷军回武大拍摄 YU7 宣传片 | 极客早知道

极客公园

3 months 1 week ago

前英特尔 CEO 批评英伟达 AI 芯片定价，认为推理才是未来机遇；OpenAI 凌晨更新，GPT-4o 多模态生图正式上线

Shelter: ROP-based sleep obfuscation to evade memory scanners

Penetration Testing Tools - Metepreter.org

3 months 1 week ago

Shelter Shelter is a completely weaponized sleep obfuscation technique that allows you to fully encrypt your in-memory payload making extensive use of ROP. This crate comes with the following characteristics: AES-128 encryption. Whole PE...

The post Shelter: ROP-based sleep obfuscation to evade memory scanners appeared first on Penetration Testing Tools.

ddos

【工具】文章内容如何变成流程图

丁爸情报分析师的工具箱

3 months 1 week ago

今天接着给大家推送一个可以将文章内容变成流程图的工具。

【工具】文章内容如何变成流程图

丁爸情报分析师的工具箱

3 months 1 week ago

今天接着给大家推送一个可以将文章内容变成流程图的工具。

【工具】文章内容如何变成流程图

丁爸情报分析师的工具箱

3 months 1 week ago

今天接着给大家推送一个可以将文章内容变成流程图的工具。

【工具】文章内容如何变成流程图

丁爸情报分析师的工具箱

3 months 1 week ago

今天接着给大家推送一个可以将文章内容变成流程图的工具。

【工具】文章内容如何变成流程图

丁爸情报分析师的工具箱

3 months 1 week ago

今天接着给大家推送一个可以将文章内容变成流程图的工具。

【工具】文章内容如何变成流程图

丁爸情报分析师的工具箱

3 months 1 week ago

今天接着给大家推送一个可以将文章内容变成流程图的工具。

PortEx: Java library for static malware analysis of Portable Executable files

Penetration Testing Tools - Metepreter.org

3 months 1 week ago

PortEx PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at...

The post PortEx: Java library for static malware analysis of Portable Executable files appeared first on Penetration Testing Tools.

ddos

研究显示：超300万财富500强员工账户凭证近三年内遭泄露；严重漏洞威胁Next.js应用，攻击者可绕过授权访问管理面板 |牛览

安全牛

3 months 1 week ago

新闻速览 •研究显示：超300万财富500强员工账户凭证在近三年内遭泄露 •欧盟严重有组织犯罪威胁评估：混合威 […]

aqniu

Aggregator

Managed ad