[local] Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
Microsoft Windows 11 23h2 - CLFS.sys Elevation of Privilege
Aggregator
[remote] WonderCMS 3.4.2 - Remote Code Execution (RCE)
7 months 3 weeks ago
WonderCMS 3.4.2 - Remote Code Execution (RCE)
[remote] code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
7 months 3 weeks ago
code-projects Online Exam Mastering System 1.0 - Reflected Cross-Site Scripting (XSS)
[remote] Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
7 months 3 weeks ago
Firefox ESR 115.11 - PDF.js Arbitrary JavaScript execution
[webapps] WordPress Core 6.2 - Directory Traversal
7 months 3 weeks ago
WordPress Core 6.2 - Directory Traversal
[local] Microsoft Windows 11 - Kernel Privilege Escalation
7 months 3 weeks ago
Microsoft Windows 11 - Kernel Privilege Escalation
Windows内存泄漏追踪战:一线工程师现网故障排查实录
7 months 3 weeks ago
一次真实的现网主机操作系统内存泄漏问题的定位分析过程。
Cross Site Scripting ( XSS ) Vulnerability Payload List
7 months 3 weeks ago
Cross Site Scripting ( XSS ) Vulnerability Payload List
Dark Web Informer - Cyber Threat Intelligence
UCSC CTF 2025高校网络安全联合选拔赛 writeup
7 months 3 weeks ago
UCSC CTF 2025高校网络安全联合选拔赛 writeup
7 months 3 weeks ago
UCSC CTF 2025高校网络安全联合选拔赛 writeup
7 months 3 weeks ago
金融专网安全双维防御:蜜罐溯源技术与敏感信息合规传输策略解析。|总第285周
7 months 3 weeks ago
本期周报简介:1、在金融专网安全防护中,如何通过技术手段与合规策略解决以下核心问题?
2、在安全运营中,如何通过技术与管理手段解决以下痛点,提升效率并降低长期成本?
金融专网安全双维防御:蜜罐溯源技术与敏感信息合规传输策略解析。|总第285周
7 months 3 weeks ago
本期周报简介:1、在金融专网安全防护中,如何通过技术手段与合规策略解决以下核心问题?
2、在安全运营中,如何通过技术与管理手段解决以下痛点,提升效率并降低长期成本?
Daily Dose of Dark Web Informer - 21st of April 2025
7 months 3 weeks ago
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Dark Web Informer - Cyber Threat Intelligence
Threat Attack Daily - 21st of April 2025
7 months 3 weeks ago
Threat Attack Daily - 21st of April 2025
Dark Web Informer - Cyber Threat Intelligence
CVE-2025-0108
7 months 3 weeks ago
Currently trending CVE - Hype Score: 11 - An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While ...
Ransomware Attack Update for the 21st of April 2025
7 months 3 weeks ago
Ransomware Attack Update for the 21st of April 2025
Dark Web Informer - Cyber Threat Intelligence
CVE-2025-39407 | Caseproof Memberpress Plugin up to 1.11.37 on WordPress cross site scripting
7 months 3 weeks ago
A vulnerability has been found in Caseproof Memberpress Plugin up to 1.11.37 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2025-39407. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-39450 | JetTabs Plugin up to 2.2.7 on WordPress cross site scripting
7 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in JetTabs Plugin up to 2.2.7 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2025-39450. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-39448 | JetElements for Elementor Plugin up to 2.7.4.1 on WordPress cross site scripting
7 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in JetElements for Elementor Plugin up to 2.7.4.1 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2025-39448. The attack may be launched remotely. There is no exploit available.
vuldb.com