Aggregator

A vulnerability was found in BoutikOne CMS and classified as problematic. This issue affects some unknown processing of the file search.php. The manipulation of the argument search_query leads to cross site scripting. The identification of this vulnerability is CVE-2008-5126. The attack may be initiated remotely. Furthermore, there is an exploit available.

3月新公开漏洞367个，其中高危漏洞176个。

3月新公开漏洞367个，其中高危漏洞176个。

Чем безопаснее приложение — тем выше шанс, что за тобой следят.

根据国家信息安全漏洞库（CNNVD）统计，本周（2025年3月31日至2025年4月6日）安全漏洞情况如下

近日，微软官方发布了多个安全漏洞的公告，其中微软产品本身漏洞121个，影响到微软产品的其他厂商漏洞0个。

根据国家信息安全漏洞库（CNNVD）统计，本周（2025年3月31日至2025年4月6日）安全漏洞情况如下

近日，微软官方发布了多个安全漏洞的公告，其中微软产品本身漏洞121个，影响到微软产品的其他厂商漏洞0个。

微软在宣布释出四月例行安全更新时披露黑客正在利用一个 Windows 0day 攻击美国 IT 和房地产公司。该漏洞编号 CVE-2025-29824，属于 Windows Common Log File System (CLFS)提权漏洞，被称为 Storm-2460 的组织正利用该漏洞部署勒索软件。被攻击的目标包括了美国的 IT 和房地产公司，委内瑞拉的金融公司、西班牙的一家软件公司以及沙特阿拉伯的零售商。

When a ruse puts on a familiar face, your guard might drop, making you an easy mark. Learn how to tell a friend apart from a foe.

The UK and allies have warned of new mobile spyware targeting Uyghur, Tibetan and Taiwanese communities

Вот он — недостающий ингредиент первородного космического супа.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding active exploitation of a critical vulnerability in the Microsoft Windows Common Log File System (CLFS) Driver. The vulnerability, tracked as CVE-2025-29824, poses a significant security risk by allowing attackers to locally elevate privileges on compromised systems. The flaw is categorized as a Use-After-Free vulnerability—a […]

The post CISA Issues Alert on Active Exploits of Windows CLFS Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Вечная технология умирает ради красивого твита.

Аргентина, Бразилия, Мексика — топ по цифровизации и по взлому.

A vulnerability, which was classified as critical, has been found in SolidState. This issue affects some unknown processing of the file ConfigureUsersPage.class.php. The manipulation of the argument base_path leads to improper privilege management. The identification of this vulnerability is CVE-2006-5020. The attack needs to be approached locally. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in SolidState. Affected is an unknown function of the file DeleteAccountPage.class.php. The manipulation of the argument base_path leads to improper privilege management. This vulnerability is traded as CVE-2006-5020. An attack has to be approached locally. Furthermore, there is an exploit available.

A vulnerability has been found in SolidState and classified as critical. Affected by this vulnerability is an unknown functionality of the file DeleteDomainServicePage.class.php. The manipulation of the argument base_path leads to improper privilege management. This vulnerability is known as CVE-2006-5020. Local access is required to approach this attack. Furthermore, there is an exploit available.

A vulnerability was found in SolidState and classified as critical. Affected by this issue is some unknown functionality of the file DeleteHostingServicePage.class.php. The manipulation of the argument base_path leads to improper privilege management. This vulnerability is handled as CVE-2006-5020. Attacking locally is a requirement. Furthermore, there is an exploit available.