Aggregator

A vulnerability was found in cURL and libcURL. It has been declared as problematic. This vulnerability affects unknown code of the component Protocol Handler. The manipulation leads to cleartext transmission of sensitive information. This vulnerability was named CVE-2024-2004. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in LLVM up to 18.1.2 and classified as critical. Affected by this issue is some unknown functionality of the component LR Register Handler. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2024-31852. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Database up to 10g and classified as critical. This issue affects some unknown processing of the component Packets. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2006-3918. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Cacti up to 1.2.28. Affected is an unknown function of the component Setting Handler. The manipulation of the argument Poller Standard Error Log Path leads to path traversal. This vulnerability is traded as CVE-2024-45598. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Cacti up to 1.2.28. This affects the function build_rule_item_filter in the library lib/api_automation.php of the file automation_tree_rules.php. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2025-24368. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Cacti up to 1.2.28 and classified as critical. This vulnerability affects unknown code. The manipulation leads to improper neutralization of line delimiters. This vulnerability was named CVE-2025-24367. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Cacti up to 1.2.8. It has been classified as critical. Affected is the function ss_net_snmp_disk_io/ss_net_snmp_disk_bytes of the component OID Handler. The manipulation leads to os command injection. This vulnerability is traded as CVE-2025-22604. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Cacti up to 1.2.28. It has been rated as critical. Affected by this issue is the function get_discovery_results of the file automation_devices.php. The manipulation of the argument network leads to sql injection. This vulnerability is handled as CVE-2024-54145. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Cacti up to 1.2.27 and classified as critical. This vulnerability affects unknown code of the component Log File Handler. The manipulation leads to code injection. This vulnerability was named CVE-2024-43363. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

HackerNews 编译，转载请注明出处： 2025年2月10日，Zimbra发布了软件更新，修复了其协作软件中的多个关键安全漏洞。如果这些漏洞被成功利用，可能会在某些条件下导致信息泄露。 其中一个漏洞被追踪为CVE-2025-25064，CVSS评分为9.8（满分10.0），是ZimbraSync服务SOAP端点中的SQL注入漏洞，影响10.0.12和10.1.4之前的版本。该漏洞源于对用户提供的参数缺乏足够的清理，攻击者可利用此漏洞注入任意SQL查询，通过“操纵请求中的特定参数”来获取电子邮件元数据。 Zimbra还修复了Zimbra经典Web客户端中的另一个关键漏洞，该漏洞涉及存储型跨站脚本（XSS）。该漏洞尚未分配CVE标识符。Zimbra在安全公告中表示，修复增强了输入清理并提升了安全性，相关问题已在9.0.0补丁44、10.0.13和10.1.5版本中得到解决。 此外，Zimbra还修复了CVE-2025-25065（CVSS评分：5.3），这是一个中等严重性的服务器端请求伪造（SSRF）漏洞，存在于RSS解析组件中，允许未经授权的重定向到内部网络端点。该漏洞已在9.0.0补丁43、10.0.12和10.1.4版本中得到修复。Zimbra建议客户尽快更新到最新版本，以获得最佳保护效果。   消息来源：The Hacker News, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

HackerNews 编译，转载请注明出处： 据研究人员观察，网络攻击者正在针对亚洲地区的互联网信息服务（IIS）服务器发起攻击，安装名为BadIIS的恶意软件，以实施搜索引擎优化（SEO）操纵活动。 趋势科技的研究人员泰德·李和伦纳特·贝尔梅霍在上周发布的分析报告中指出：“该活动很可能是出于经济动机，因为攻击者将用户重定向至非法赌博网站，表明他们利用BadIIS是为了谋取利润。” 此次攻击活动的目标包括印度、泰国、越南、菲律宾、新加坡、中国台湾、韩国、日本和巴西的IIS服务器，涉及政府、大学、科技公司和电信行业等多个领域。 攻击者通过向受感染服务器发送请求，可向用户推送篡改后的内容，包括将用户重定向至赌博网站，或连接到托管恶意软件或凭据收集页面的恶意服务器。 据推测，此次攻击活动可能与中国DragonRank威胁团伙有关。该团伙以使用SEO操纵手段传播BadIIS恶意软件而闻名，其活动曾在2024年被思科Talos记录。此外，DragonRank的活动还与ESET在2021年提到的“9号团伙”有关，后者利用受感染的IIS服务器提供代理服务并实施SEO欺诈。 趋势科技指出，此次检测到的恶意软件样本与“11号团伙”使用的变种存在相似之处，具有两种模式：一是通过篡改HTTP响应头信息实施SEO欺诈，二是向合法访问者的响应中注入可疑JavaScript代码。 研究人员表示：“BadIIS可以篡改来自网络服务器的HTTP响应头信息，它会检查收到的HTTP头中的‘用户代理’和‘来源’字段。如果这些字段包含特定的搜索引擎站点或关键词，BadIIS会将用户重定向至与非法在线赌博网站相关的页面，而不是合法网页。” 与此同时，Silent Push将中国Funnull内容分发网络（CDN）与一种名为“基础设施洗白”的行为联系起来。攻击者通过从亚马逊网络服务（AWS）和微软Azure等主流托管提供商处租用IP地址，用于托管犯罪网站。Funnull被指从亚马逊租用了超过1200个IP地址，从微软租用了近200个IP地址，这些恶意基础设施已被全部关停。然而，该公司表示：“Funnull每隔几周就会持续获取新的IP地址，很可能是通过欺诈或被盗账户获取这些IP地址，以映射到其CNAME。”   消息来源：The Hacker News, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

Currently trending CVE - hypeScore: 1 - Microsoft Outlook Remote Code Execution Vulnerability

Currently trending CVE - hypeScore: 1 - Windows OLE Remote Code Execution Vulnerability

HackerNews 编译，转载请注明出处： 据网络安全公司 Sucuri 报告，威胁行为者正在利用 Google Tag Manager（GTM）向基于 Magento 的电商网站部署信用卡窃取恶意软件。 这些恶意代码表面上看似用于网站分析和广告目的的常规 GTM 和 Google Analytics 脚本，但实际上包含了一个混淆的后门，能够为攻击者提供持续访问权限。截至发稿时，已有三个网站被发现感染了相关 GTM 标识符（GTM-MLHK2N68），低于 Sucuri 报告的六个。GTM 标识符是指包含各种跟踪代码（如 Google Analytics、Facebook Pixel）和在满足特定条件时触发的规则的容器。 进一步分析显示，恶意软件是从 Magento 数据库表 “cms_block.content” 中加载的，GTM 标签包含一个编码的 JavaScript 负载，用作信用卡窃取器。安全研究员 Puja Srivastava 表示：“该脚本旨在收集用户在结账过程中输入的敏感数据，并将其发送到攻击者控制的远程服务器。” 恶意软件执行后，会从结账页面窃取信用卡信息并发送到外部服务器。这并非 GTM 首次被用于恶意目的。2018 年 4 月，Sucuri 曾揭露该工具被用于恶意广告活动。 此次事件发生在该公司详细描述另一场 WordPress 活动数周之后，该活动可能利用插件漏洞或受攻击的管理员账户安装恶意软件，将网站访客重定向至恶意 URL。   消息来源：The Hacker News, 编译：zhongx；  本文由 HackerNews.cc 翻译整理，封面来源于网络；   转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability classified as critical has been found in ProfileGrid Plugin up to 5.8.3 on WordPress. This affects an unknown part. The manipulation leads to missing authorization. This vulnerability is uniquely identified as CVE-2024-3606. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in SourceCodester Home Clean Service System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file \admin\student.add.php of the component Photo Handler. The manipulation leads to unrestricted upload. This vulnerability is handled as CVE-2024-3948. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Tuya U6N 3.2.5. It has been declared as critical. This vulnerability affects unknown code of the component Packet Handler. The manipulation leads to denial of service. This vulnerability was named CVE-2024-32268. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /Employee/edit-photo.php. The manipulation of the argument userImage leads to unrestricted upload. This vulnerability was named CVE-2024-4500. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in SourceCodester Prison Management System 1.0. This vulnerability affects unknown code of the file /Employee/edit-profile.php. The manipulation of the argument txtfullname/txtdob/txtaddress/txtqualification/cmddept/cmdemployeetype/txtappointment leads to cross site scripting. This vulnerability was named CVE-2024-4512. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /Admin/user-record.php. The manipulation of the argument txtfullname leads to cross site scripting. This vulnerability is known as CVE-2024-4528. The attack can be launched remotely. Furthermore, there is an exploit available.