Aggregator

Currently trending CVE - Hype Score: 8 - A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipulation of the argument lang leads to path traversal. The attack may be launched ...

Currently trending CVE - Hype Score: 5 - Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is possible to injection SQL into "clientip" and exploit time based blind SQL injection.

Currently trending CVE - Hype Score: 12 - A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a ...

Currently trending CVE - Hype Score: 26 - Notepad++ versions prior to 8.8.9, when using the WinGUp updater, contain an update integrity verification vulnerability where downloaded update metadata and installers are not cryptographically verified. An attacker able to intercept or redirect update traffic can cause the ...

Currently trending CVE - Hype Score: 1 - The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

Currently trending CVE - Hype Score: 12 - pictureproxy.php in the dirk1983 mm1.ltd source code f9f4bbc allows SSRF via the url parameter. NOTE: the references section has an archived copy of pictureproxy.php from its original GitHub location, but the repository name might later change because it is misleading.

Currently trending CVE - Hype Score: 1 - Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasources with the Jaeger HTTP API appear to be affected; ...

Currently trending CVE - Hype Score: 16 - Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange. This did ...

Currently trending CVE - Hype Score: 20 - A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code ...

Currently trending CVE - Hype Score: 12 - Microsoft Configuration Manager Remote Code Execution Vulnerability

在渗透测试和内网穿透场景中，ICMP 隧道是一种经典的隐蔽通信手段。市面上已经有不少成熟工具，比如 icmpsh、PingTunnel、icmptunnel 等，它们功能完善、开箱即用。但在实际使用中，我逐渐发现了一个问题：这些工具都是"黑盒"——你能用它们完成任务,却很难理解它们是如何工作的，更无法根据实际需求定制协议细节或调整流量特征。

该环境为多个域环境组成，涵盖多个域内知识点及利用过程。

外网打点：端口探测使用nmap进行端口探测发现存在22，80端口存活配置host文件之后，访问80端口，发现存在web页面web页面渗透测试测试功能，发现是一个聊天软件注册用户[email protected]/[email protected]发现存在点赞功能和评论功能漏洞入口XSS漏洞使用burp抓包尝试，发现存在·xss漏洞点击帖子上的“点赞”按钮后，界面会立即显示已点赞的用户列表。该列表会动态变化——每次

MHT：时间在流动！时间在流动！在跳舞！木大木大木大木大木大！

在 Windows 架构中，杀软内核驱动通常扮演着“超级裁判”的角色。它通过在内核中植入一系列通知回调（Notification Routines）和微过滤监听器（Minifilter Callbacks），将自己强行插入到系统处理关键动作（如进程启动、文件读写、内存映射）的路径上。

谁在偷窥你的键盘？揭秘潜伏在系统进程背后的“银狐”

从0到1分析了该漏洞的核心原理，并纠正部分误区