Aggregator

文章介绍了一个针对Windows 11 Pro系统的本地权限提升漏洞（CVE-2025-49744），涉及gdi32.dll和win32kfull.sys组件。提供了一个PowerShell脚本来检测系统是否易受攻击，通过检查Windows版本、已安装的热修复补丁（如KB5039302）、关键文件的时间戳以及GDI32 API交互测试来判断系统是否已打补丁。

Keras 2.15及以下版本存在远程代码执行漏洞（CVE-2025-1550），攻击者通过恶意.keras文件利用反序列化漏洞，在加载模型时执行任意系统命令。该漏洞已修复于2025年4月更新中。

PivotX v3.0.0 RC3 存在存储型 XSS 漏洞，攻击者可通过未过滤的 title 和 subtitle 字段注入恶意脚本窃取管理员 cookie，并进一步实现远程代码执行（RCE）。

Langflow 1.2.x版本存在未认证远程代码执行漏洞（CVE-2025-3248），攻击者通过API端点发送恶意代码，利用exec()函数执行系统命令。

微软修补了Windows CLFS驱动中的CVE-2025-29824漏洞，该漏洞被用于勒索软件攻击链，通过入侵Cisco ASA防火墙并利用此漏洞实现权限提升。微软通过调整资源释放逻辑修复了该漏洞。

微软Windows 11版本22H2中发现提权漏洞CVE-2025-49677，该漏洞允许攻击者通过利用计划任务和批处理脚本获取SYSTEM权限并执行任意命令。

Keras 2.15 - Remote Code Execution (RCE)

Microsoft Brokering File System Windows 11 Version 22H2 - Elevation of Privilege

PivotX 3.0.0 RC3 - Remote Code Execution (RCE)

Microsoft Graphics Component Windows 11 Pro (Build 26100+) - Local Elevation of Privileges

TOTOLINK N300RB 8.54 - Command Execution

Langflow 1.2.x - Remote Code Execution (RCE)

SugarCRM 14.0.0 - SSRF/Code Injection

MikroTik RouterOS 7.19.1 - Reflected XSS

White Star Software Protop 4.4.2-2024-11-27 - Local File Inclusion (LFI)

WP Publications WordPress Plugin 1.2 - Stored XSS

NodeJS 24.x - Path Traversal

This blog explores key findings from CISA’s NIMBUS 2000 Cloud Identity Security Technical Exchange and how Trend Vision One™ Cloud Security aligns with these priorities. It highlights critical challenges in token validation, secrets management, and logging visibility—offering insights into how integrated security solutions can help organizations strengthen their cloud identity defenses and meet evolving federal standards.

17项任务扎实推进新型工业化。

A vulnerability has been found in Oracle Primavera P6 Enterprise Project Portfolio Management 8.3/8.4/15.1/15.2/16.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Web Access. The manipulation leads to improper access controls. This vulnerability is known as CVE-2017-10046. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.