[remote] Microsoft SharePoint 2019 - NTLM Authentication
Microsoft SharePoint 2019存在NTLM认证漏洞,允许低权限或暴力破解的域账户访问敏感API端点,导致元数据泄露、凭证枚举及API滥用风险。该漏洞被评定为高危-关键级别。
Aggregator
[remote] gogs 0.13.0 - Remote Code Execution (RCE)
9 months 4 weeks ago
文章描述了针对Gogs 0.13.0及以下版本的远程代码执行漏洞(CVE-2024-39930),展示了如何通过创建仓库、添加SSH密钥并利用git-upload-pack命令注入恶意代码来实现远程控制。该漏洞允许攻击者在目标服务器上执行任意命令。
[webapps] Moodle 4.4.0 - Authenticated Remote Code Execution
9 months 4 weeks ago
文章描述了Moodle多个版本中存在的远程代码执行漏洞(CVE-2024-43425),通过构造特定请求利用测验功能实现代码执行。
[remote] Wing FTP Server 7.4.3 - Unauthenticated Remote Code Execution (RCE)
9 months 4 weeks ago
Wing FTP Server 7.4.3及以下版本存在未认证远程代码执行漏洞(CVE-2025-47812),攻击者可通过注入NULL字节和Lua代码到用户名参数中,在访问特定功能时触发代码执行,获得服务器高权限(Linux为root,Windows为SYSTEM)。
Quickpost: Doorbell & Condensation
9 months 4 weeks ago
作者分享了门铃灯泡除了照明外还能防止冷凝水的经验。
【下载】2025上半年全行业数字化及网络安全政策合集
9 months 4 weeks ago
助力企业精准施策,加速数字化建设落地。
CVE-2025-21911 | Linux Kernel up to 6.12.18/6.13.6 deadlock (Nessus ID 241070)
9 months 4 weeks ago
A vulnerability was found in Linux Kernel up to 6.12.18/6.13.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to deadlock.
This vulnerability is known as CVE-2025-21911. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-22009 | Linux Kernel up to 6.6.84/6.12.20/6.13.8 kobject_get null pointer dereference (Nessus ID 241070)
9 months 4 weeks ago
A vulnerability has been found in Linux Kernel up to 6.6.84/6.12.20/6.13.8 and classified as critical. This vulnerability affects the function kobject_get. The manipulation leads to null pointer dereference.
This vulnerability was named CVE-2025-22009. The attack needs to be approached within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-11956 | Pimcore customer-data-framework up to 4.2.0 list filterDefinition/filter sql injection (GHSA-q53r-9hh9-w277 / EDB-52193)
9 months 4 weeks ago
A vulnerability, which was classified as critical, has been found in Pimcore customer-data-framework up to 4.2.0. Affected by this issue is some unknown functionality of the file /admin/customermanagementframework/customers/list. The manipulation of the argument filterDefinition/filter leads to sql injection.
This vulnerability is handled as CVE-2024-11956. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-20200 | Cisco FXOS/UCS SNMP Service denial of service (cisco-sa-fp-ucsfi-snmp-dos-qtv69NAO / EUVD-2023-24379)
9 months 4 weeks ago
A vulnerability, which was classified as problematic, was found in Cisco FXOS and UCS. This affects an unknown part of the component SNMP Service. The manipulation leads to denial of service.
This vulnerability is uniquely identified as CVE-2023-20200. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-37099 | HPE Insight Remote Support processAttachmentDataStream path traversal (EUVD-2025-19668)
9 months 4 weeks ago
A vulnerability was found in HPE Insight Remote Support. It has been classified as critical. This affects the function processAttachmentDataStream. The manipulation leads to path traversal.
This vulnerability is uniquely identified as CVE-2025-37099. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
第127篇:蓝队分析取证工具箱V3.12+重要更新+内存马分析+流量解析+应急溯源等功能
9 months 4 weeks ago
祝大家顺利完成一年一度的网络安全大考,同时注意身体健康,多喝水。
Daily Dose of Dark Web Informer - 1st of July 2025
9 months 4 weeks ago
This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.
Dark Web Informer - Cyber Threat Intelligence
Threat Attack Daily - 1st of July 2025
10 months ago
Threat Attack Daily - 1st of July 2025
Dark Web Informer - Cyber Threat Intelligence
Ransomware Attack Update for the 1st of July 2025
10 months ago
Ransomware Attack Update for the 1st of July 2025
Dark Web Informer - Cyber Threat Intelligence
Safepay
10 months ago
You must login to view this content
cohenido
Safepay
10 months ago
You must login to view this content
cohenido
SDL 79/100问:如何塑造开发安全文化?
10 months ago
提到塑造文化,总是让人想到培训、考试、认证等,但除了这些呢?通过长期实践后,发现还可以结合具体的业务去做:
1、做集团级的研发安全风险晒榜:在公司内部或公司高管/各部门负责人范围内,按照部门进行安全风险晾晒,可以让业务线从上至下的重视起来;
2、通过重大安全保障活动扩大影响力:比如每年国家级的HW,业务方凡是出现了事故,你绝对会重视起来,次年估计都会主动找安全团队要帮忙。
总结一下,既要依靠常规的培训和考试、宣传等措施,又可以结合研发安全业务的一些指标、安全事件配合一起塑造研发安全的文化和氛围。
1、SDL 100问
SDL100问:我与SDL的故事
SAST误报太高,如何解决?
SDL需要哪些人参与?
大家都有哪些SDL运营指标?
业务系统是否可以带漏洞上线?
日常的漏洞运营,也应该是SDL团队来做吗?
SDL 78/100问:关于开发安全BP,对开展SDL有哪些帮助?
2、SDL创新实践
首发!“ 研发安全运营 ” 架构研究与实践
DevSecOps实施关键:研发安全团队
DevSecOps实施关键:研发安全流程
DevSecOps实施关键:研发安全规范
DevSecOps实施关键:研发安全工具
从安全视角,看研发安全
数字化转型下研发安全痛点
一个思考:安全测试驱动产品安全?
3、SDL最初实践
【SDL最初实践】开篇
【SDL最初实践】安全培训
【SDL最初实践】安全需求
【SDL最初实践】安全设计
【SDL最初实践】安全开发
【SDL最初实践】安全测试
【SDL最初实践】安全审核
【SDL最初实践】安全响应
4、安全运营实践
基于实践的安全事件简述
安全事件运营SOP:钓鱼邮件
安全事件运营SOP:网络攻击
安全事件运营SOP:蜜罐告警
安全事件运营SOP:webshell事件
安全事件运营SOP:接收漏洞事件
应急能力提升:实战应急困境与突破
应急能力提升:挖矿权限维持攻击模拟
U.S. Target North Korean IT Worker Scams with Raids, Indictments
10 months ago
The DOJ announced a far-reaching operation that aimed to knock out a substantial number of North Korean IT worker scams that have victimized more than 100 U.S. companies that unwittingly hired North Korean operatives as remote workers, who then stole data and money to support the Pyongyang regime.
The post U.S. Target North Korean IT Worker Scams with Raids, Indictments appeared first on Security Boulevard.
Jeffrey Burt
CVE-2025-53100 | RestDB codehooks-mcp-server up to 0.2.1 os command injection (GHSA-fhq6-jf5q-qxvq / EUVD-2025-19660)
10 months ago
A vulnerability was found in RestDB codehooks-mcp-server up to 0.2.1 and classified as critical. This issue affects some unknown processing. The manipulation leads to os command injection.
The identification of this vulnerability is CVE-2025-53100. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com