【支持排查与检测】Vite任意文件读取漏洞(CVE-2025-31125)
近日,绿盟科技CERT监测到Vite发布安全公告,修复了Vite任意文件读取漏洞(CVE-2025-31125)。目前漏洞细节与PoC已公开,请相关用户尽快采取措施进行防护。
Aggregator
CERN против Китая: битва за будущее фундаментальной физики
8 months 3 weeks ago
Успеет ли Европа построить коллайдер первой?
CVE-2024-33793 | Netis MEX605 2.00.06 Ping Test Page cross site scripting
8 months 3 weeks ago
A vulnerability was found in Netis MEX605 2.00.06 and classified as problematic. Affected by this issue is some unknown functionality of the component Ping Test Page. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2024-33793. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-4193 | Testimonial Slider Plugin up to 1.3.2 on WordPress cross site scripting
8 months 3 weeks ago
A vulnerability classified as problematic has been found in Testimonial Slider Plugin up to 1.3.2 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2024-4193. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-34066 | Pterodactyl Wings up to 1.11.11 ignore_panel_config_updates file access
8 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Pterodactyl Wings up to 1.11.11. This issue affects the function ignore_panel_config_updates. The manipulation leads to files or directories accessible.
The identification of this vulnerability is CVE-2024-34066. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-7065 | Stop Spammers Security Plugin up to 2024.4 on WordPress sfs_process cross-site request forgery
8 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Stop Spammers Security Plugin up to 2024.4 on WordPress. Affected by this issue is the function sfs_process. The manipulation leads to cross-site request forgery.
This vulnerability is handled as CVE-2023-7065. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2023-6854 | Breakdance Plugin up to 1.7.0 on WordPress postmeta cross site scripting
8 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in Breakdance Plugin up to 1.7.0 on WordPress. This affects an unknown part of the component postmeta Handler. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2023-6854. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
「Apple AI」中文版正式上线:还不太好用,但确实很「苹果」
8 months 3 weeks ago
不一样的中文体验,一样的「苹果独家」。
「Apple AI」中文版正式上线:还不太好用,但确实很「苹果」
8 months 3 weeks ago
不一样的中文体验,一样的「苹果独家」。
「Apple AI」中文版正式上线:还不太好用,但确实很「苹果」
8 months 3 weeks ago
不一样的中文体验,一样的「苹果独家」。
「Apple AI」中文版正式上线:还不太好用,但确实很「苹果」
8 months 3 weeks ago
不一样的中文体验,一样的「苹果独家」。
「Apple AI」中文版正式上线:还不太好用,但确实很「苹果」
8 months 3 weeks ago
不一样的中文体验,一样的「苹果独家」。
24小时Boss战:微服务/AI/Rust三大终极关卡,你敢开团吗?
8 months 3 weeks ago
24小时Boss战:微服务/AI/Rust三大终极关卡,你敢开团吗?
8 months 3 weeks ago
24小时Boss战:微服务/AI/Rust三大终极关卡,你敢开团吗?
8 months 3 weeks ago
24小时Boss战:微服务/AI/Rust三大终极关卡,你敢开团吗?
8 months 3 weeks ago
24小时Boss战:微服务/AI/Rust三大终极关卡,你敢开团吗?
8 months 3 weeks ago
24小时Boss战:微服务/AI/Rust三大终极关卡,你敢开团吗?
8 months 3 weeks ago
24小时Boss战:微服务/AI/Rust三大终极关卡,你敢开团吗?
8 months 3 weeks ago
【THM】offensive-Kenobi-渗透认证相关基础
8 months 3 weeks ago
免责声明: 本人所有文章均为技术分享,均用于防御为目的的记录,所有操作均在实验环境下进行,请勿用于其他用途,否则后果自负。