Aggregator

A vulnerability classified as critical has been found in Cato CatoClient up to 5.4 on Linux. Affected is an unknown function. The manipulation leads to link following. This vulnerability is traded as CVE-2025-7012. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Эти протоколы решат, кто останется на работе — вы или робот

Securitylab.ru

7 months 2 weeks ago

A2A и MCP — не просто протоколы. Это инструкции, как ИИ будет заменять нас по инструкции.

依然不过时的WAF绕过技术

迪哥讲事

7 months 2 weeks ago

声明：文章中涉及的程序(方法)可能带有攻击性，仅供安全研究与教学之用，读者将其信息做其他用途，由用户承担全部

Как безопасно подготовить б/у Android-смартфон после покупки

Securitylab.ru

7 months 2 weeks ago

Простые способы проверки, которые откроют глаза на истинное состояние устройства.

Qilin

Dark Feed IO

7 months 2 weeks ago

You must login to view this content

cohenido

First time setting up tcpdump+Wireshark to learn. Advice?

不安全

7 months 2 weeks ago

用户计划使用tcpdump和Wireshark在MacBook上捕获并分析旧款iOS设备的全流量，以实现首次越狱，并手动检查所有网络活动以确保不遗漏任何隐藏遥测或敏感信息。

【安全圈】Trendyol 披露 Meta 存在漏洞：Prompt Injection 成功率高达 50%

安全圈

7 months 2 weeks ago

【安全圈】印度背景黑客组织 DoNot APT 使用 LoptikMod 恶意软件攻击欧洲外交部

安全圈

7 months 2 weeks ago

关键词网络攻击据 Trellix 高级研究中心披露，长期活跃于南亚地区的 DoNot APT 黑客组织近期将攻

【安全圈】PerfektBlue：四项蓝牙协议栈漏洞危及数百万车辆，可被远程执行代码

安全圈

7 months 2 weeks ago

【安全圈】OpenAI 即将推出集成 AI 智能体的 Chromium 浏览器，挑战 Chrome 市场主导地位

安全圈

7 months 2 weeks ago

关键词ChatGptOpenAI即将推出一款人工智能增强型网页浏览器，标志着该公司在ChatGPT平台之外的进

Historical Analysis of Reflected Vulnerabilities: The Evolution of Windows Defender Defenses

不安全

7 months 2 weeks ago

这篇文章分析了“反射漏洞”这一类历史安全缺陷及其利用技术（如解析器攻击等），并指出这些漏洞在现代Windows系统中已被ASLR、DEP等防御机制淘汰。提供的概念验证代码仅用于教育目的，符合负责任披露原则。

CVE-2025-7525 | TOTOLINK T6 4.1.5cu.748_B20211015 HTTP POST Request /cgi-bin/cstecgi.cgi setTracerouteCfg command command injection

Vuldb Updates

7 months 2 weeks ago

A vulnerability was found in TOTOLINK T6 4.1.5cu.748_B20211015. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument command leads to command injection. This vulnerability was named CVE-2025-7525. The attack can be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2019-11358 | Oracle Communications Interactive Session Recorder 6.0/6.1/6.2/6.3 cross site scripting (EDB-52141 / Nessus ID 208606)

Vuldb Updates

7 months 2 weeks ago

A vulnerability has been found in Oracle Communications Interactive Session Recorder 6.0/6.1/6.2/6.3 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2019-11358. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

Он предсказал интернет в 1945 году. И боялся, что мы разучимся думать. История Вэнивара Буша

Securitylab.ru

7 months 2 weeks ago

Почему предсказание Буша о будущем вызывает тревогу.

CVE-2018-5985 | LiveCRM SaaS Cloud Component 1.0 on Joomla Request sql injection (EDB-43860)

Vuldb Updates

7 months 2 weeks ago

A vulnerability was found in LiveCRM SaaS Cloud Component 1.0 on Joomla. It has been declared as critical. This vulnerability affects unknown code. The manipulation as part of Request leads to sql injection. This vulnerability was named CVE-2018-5985. The attack can be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

Any possiblity of cracking a SanDiskSecureAccess vault?

不安全

7 months 2 weeks ago

用户从旧USB中复制了文件，并希望打开加密的保险库。由于使用了SanDisk SecureAccess加密且密码可能简单（如纯文本），用户寻求破解工具来访问内容。

Aggregator

Managed ad