Aggregator
CVE-2001-0499 | Oracle 8.1.7 TNS Listener STATUS/PING/SERVICES/TRC_FILE/SAVE_CONFIG/RELOAD memory corruption (VU#620495 / EDB-16340)
Proxmox Mail Gateway: Open-source email security solution reaches version 9.0
First released in 2005, the open-source Proxmox Mail Gateway has become a widely adopted mail proxy, positioned between the firewall and the internal mail server to stop threats before they reach users. The platform delivers anti-spam and antivirus filtering to help organizations counter email-borne risks such as malware, Trojans, and phishing campaigns. What’s new in Proxmox Mail Gateway 9.0 Debian 13 “Trixie” at the core The latest release of Proxmox Mail Gateway is built on … More →
The post Proxmox Mail Gateway: Open-source email security solution reaches version 9.0 appeared first on Help Net Security.
ZDI-CAN-27785: claude-hovercraft
JVN: 複数のデンソーテン製ドライブレコーダビューアのインストーラにおける任意のDLL読み込みの脆弱性
CVE-2025-33073 域内提权NTLM反射漏洞复现
Windows SMB 客户端中发现一项严重漏洞(CVE-2025-33073),允许普通域用户在未启用服务器端 SMB 签名的情况下,借助恶意 SMB 服务器进行权限提升,最终获得本地 SYSTEM 级别权限。攻击流程如下:
CVE-2001-0500 | Microsoft Indexing Service up to 2.0 ISAPI Extension idq.dll memory corruption (EDB-20930 / Nessus ID 10713)
CVE-2001-0501 | Microsoft Word 97/98/2000/2001/2002 Macro Warning privileges management (ID 110000 / XFDB-6732)
CVE-2001-0502 | Microsoft Windows 2000 LDAP Server improper authentication (MS01-036 / Nessus ID 10619)
CVE-2001-0504 | Microsoft Windows 2000 SMTP Service privileges management (VU#435963 / Nessus ID 10703)
CVE-2001-0508 | Microsoft IIS 5.0 WebDAV PROPFIND denial of service (MS01-044 / Nessus ID 10685)
CVE-2001-0507 | Microsoft IIS 5.0 Path privileges management (MS01-044 / EDB-21072)
CVE-2025-11316 | Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 findCategoryPage.do findCategoryPage sql injection (EUVD-2025-32484)
CVE-2025-11317 | Tipray 厦门天锐科技股份有限公司 Data Leakage Prevention System 天锐数据泄露防护系统 findSingConfigPage.do findRolePage sql injection (EUVD-2025-32483)
Iran-Linked Nasir Hackers Claim Israeli Breach
You must login to view this content
Old authentication habits die hard
Many organizations still rely on weak authentication methods while workers’ personal habits create additional risks, according to Yubico. Training and policy gaps 40% of employees said they have never received cybersecurity training. Even among those who have, the guidance is often outdated because many organizations wait months before updating their security policies. This delay leaves people unprepared. Employees who do not understand current risks are more likely to fall back on familiar habits, which attackers … More →
The post Old authentication habits die hard appeared first on Help Net Security.
OpenAI превращает ChatGPT в конкурента X. Илон Маск против Сэма Альтмана — теперь и в социальных сетях
Hackers Claim Major Breach at Red Hat
You must login to view this content