Aggregator

CVE-2025-45542 | CloudClassroom-PHP-Project 1.0 registrationform pass sql injection (EUVD-2025-16669 / EDB-52314)

Vuldb Updates
5 months 3 weeks ago
A vulnerability has been found in CloudClassroom-PHP-Project 1.0 and classified as critical. This vulnerability affects unknown code of the component registrationform. The manipulation of the argument pass leads to sql injection. This vulnerability was named CVE-2025-45542. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2012-3575 | RBX Gallery 2.1 File Upload uploader.php access control (EDB-19019 / XFDB-76170)

Vuldb Updates
5 months 3 weeks ago
A vulnerability was found in RBX Gallery 2.1. It has been rated as very critical. This issue affects some unknown processing of the file uploader.php of the component File Upload. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2012-3575. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

AI Index 2025: What’s changing and why it matters

Help Net Security
5 months 3 weeks ago

Stanford recently released its AI Index 2025, and it’s packed with insights on how AI is changing. For CISOs, it’s a solid check-in on where things stand. It covers what the tech can do now, how governments are responding, and where public opinion is heading. Here’s what’s worth knowing. AI is improving fast and showing up everywhere New models are performing better on hard benchmarks and tackling complex tasks like coding and math with more … More →

The post AI Index 2025: What’s changing and why it matters appeared first on Help Net Security.

Sinisa Markovic

CVE-2025-47293 | powsybl-core up to 6.7.1 XML Parser com.powsybl.commons.xml.XmlReader xml external entity reference (GHSA-qpj9-qcwx-8jv2 / EUVD-2025-18700)

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability has been found in powsybl-core up to 6.7.1 and classified as critical. This vulnerability affects the function com.powsybl.commons.xml.XmlReader of the component XML Parser. The manipulation leads to xml external entity reference. This vulnerability was named CVE-2025-47293. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-47771 | powsybl-core up to 6.7.1 SparseMatrix read deserialization (GHSA-f5cx-h789-j959 / EUVD-2025-18706)

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability, which was classified as very critical, was found in powsybl-core up to 6.7.1. This affects the function read of the component SparseMatrix. The manipulation leads to deserialization. This vulnerability is uniquely identified as CVE-2025-47771. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-49715 | Microsoft Dynamics 365 FastTrack Implementation exposure of private personal information to an unauthorized actor

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Microsoft Dynamics 365 FastTrack Implementation. Affected by this issue is some unknown functionality. The manipulation leads to exposure of private personal information to an unauthorized actor. This vulnerability is handled as CVE-2025-49715. The attack may be launched remotely. There is no exploit available. This product is a managed service. It is not possible for users to maintain vulnerability countermeasures themselves.
vuldb.com

CVE-2025-48058 | powsybl-core up to 6.7.1 redos (GHSA-rqpx-f6rc-7hm5 / EUVD-2025-18708)

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability classified as problematic was found in powsybl-core up to 6.7.1. Affected by this vulnerability is an unknown functionality. The manipulation leads to inefficient regular expression complexity. This vulnerability is known as CVE-2025-48058. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-6264 | Rapid7 Velociraptor up to 0.74.2 VQL Query Admin.Client.UpdateClientConfig default permission

VulDB Recent Entries
5 months 3 weeks ago
A vulnerability classified as problematic has been found in Rapid7 Velociraptor up to 0.74.2. Affected is the function Admin.Client.UpdateClientConfig of the component VQL Query Handler. The manipulation leads to incorrect default permissions. This vulnerability is traded as CVE-2025-6264. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

New infosec products of the week: June 20, 2025

Help Net Security
5 months 3 weeks ago

Here’s a look at the most interesting products from the past week, featuring releases from BigID, Dashlane, Sumsub, and Jumio. Dashlane’s AI model alerts businesses to phishing risks In contrast to rule-based filters or reliance on a threat intel database, Dashlane’s AI phishing alerts leverage an AI model that analyzes 79 phishing indicators in real-time, such as hidden login forms, external link ratios and concealed iFrames, to determine whether a domain is potentially malicious. Analysis … More →

The post New infosec products of the week: June 20, 2025 appeared first on Help Net Security.

Sinisa Markovic

DanaBleed新漏洞使 DanaBot恶意软件即服务平台浮出水面

嘶吼
5 months 3 weeks ago

在2022年6月更新的DanaBot恶意软件操作中引入的最新漏洞,导致其在最近的执法行动中被识别并拆解了他们的操作。

DanaBot是一个从2018年到2025年活跃的恶意软件即服务(MaaS)平台,用于银行欺诈、凭证盗窃、远程访问和分布式拒绝服务(DDoS)攻击。

Zscaler的ThreatLabz研究人员发现了这个被称为“DanaBleed”的漏洞,他们解释说,内存泄漏使他们能够深入了解恶意软件的内部操作和幕后黑手。

利用该漏洞收集有关网络犯罪分子的宝贵情报,一项名为Operation Endgame的国际执法行动使DanaBot基础设施下线,并起诉了该威胁组织的16名成员。

DanaBleed

DanaBleed漏洞是在2022年6月随DataBot 2380版本引入的,该版本新增了一个命令和控制(C2)协议。

新协议逻辑中的一个弱点是生成C2服务器对客户机的响应的机制,该机制应该包含随机生成的填充字节,但没有为这些字节初始化新分配的内存。

Zscaler研究人员收集并分析了大量C2响应,由于内存泄漏错误,这些响应包含来自服务器内存的剩余数据片段。

这次暴露类似于2014年发现的HeartBleed问题,影响了无处不在的OpenSSL软件。随着时间的推移,DanaBleed向研究人员提供了大量私人数据,包括:

·威胁参与者详细信息(用户名、IP地址)

·后端基础设施(C2服务器ip /域)

·受害者数据(IP地址、凭据、泄露信息)

·恶意软件的更新日志

·私有密码密钥

·SQL查询和调试日志

·C2控制面板的HTML和网页界面片段

在三年多的时间里,DanaBot一直以一种受攻击的模式运行,而其开发人员或客户却没有意识到他们被暴露给了安全研究人员。这使得当执法部门收集到足够的数据时便能一击即中。

C2服务器响应中泄露的HTML数据

虽然DanaBot在俄罗斯的核心团队只是被起诉而没有被逮捕,但关键的C2服务器、650个域名和近400万美元的加密货币被扣押已经有效地消除了目前的威胁。即使威胁者在未来试图重返网络犯罪活动,但其黑客社区信任度的下降也将是他们面临的一个重大障碍。

胡金鱼

CVE-2023-33538

CVE Trends
5 months 3 weeks ago
Currently trending CVE - Hype Score: 2 - TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .

Managed ad