Aggregator

（图作者 | @Aoemax）

misakaX是什么 misakaX是一个ios性化定制工具，可以帮助你调整灵动岛、充电限制、开机铃声、快门声音等等，而且还可以让国行版本iOS设备开启Apple Intelligence功能，...

A vulnerability, which was classified as critical, was found in phporacleview. This affects an unknown part of the file include_all.inc.php. The manipulation of the argument page_dir leads to code injection. This vulnerability is uniquely identified as CVE-2007-2340. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

蓝奏云久前就出了新规则，分享apk文件需要会员用户才能访问下载，手机端需要会员访问，也就是说非蓝奏会员用户分享apk文件，用户在手机端打开无法下载文件。 今天小高教你一招解决！ 相信以后，这种软...

A vulnerability has been found in phpBandManager 0.8 and classified as critical. This vulnerability affects unknown code of the file suite/index.php. The manipulation of the argument pg leads to file inclusion. This vulnerability was named CVE-2007-2341. The attack can be initiated remotely. Furthermore, there is an exploit available.

前200名免费

学网络，尽在网络技术联盟站！

A vulnerability was found in Gimp 2.2.14. It has been rated as critical. Affected by this issue is the function set_color_table of the file sunras.c. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2007-2356. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linbit Linbox Officeserver. It has been classified as critical. Affected is an unknown function of the file admin/user.pl. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2004-1878. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Quantum Art Qp7 Enterprise up to qp7.enterprise. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file news_and_events_new.asp. The manipulation of the argument p_news_id leads to sql injection. This vulnerability is known as CVE-2005-4486. The attack can be launched remotely. Furthermore, there is an exploit available. The real existence of this vulnerability is still doubted at the moment.

A vulnerability classified as critical has been found in Gebrauchtwagenreport DEKRA Used Car Report 3.0.0. This affects an unknown part of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2014-5996. The attack needs to be initiated within the local network. There is no exploit available.

RustPatchlessCLRLoader The RustPatchlessCLRLoader leverages a sophisticated integration of patchless techniques for bypassing both Event Tracing for Windows (ETW) and the Windows Antimalware Scan Interface (AMSI) across all threads with the goal of loading .NET...

The post RustPatchlessCLRLoader: .NET assembly loader with patchless AMSI and ETW bypass appeared first on Penetration Testing Tools.

OSV-Scanner Use OSV-Scanner to find existing vulnerabilities affecting your project’s dependencies. OSV-Scanner provides an officially supported frontend to the OSV database that connects a project’s list of dependencies with the vulnerabilities that affect them. Since...

The post osv-scanner: find existing vulnerabilities affecting your project’s dependencies appeared first on Penetration Testing Tools.

A vulnerability was found in Ericpol eWUS mobile 1.4.5. It has been rated as critical. Affected by this issue is some unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-5995. The attack needs to be done within the local network. There is no exploit available.

dissect Dissect is a digital forensics and incident response framework and toolset developed by Fox-IT (part of NCC Group). It allows you to quickly access and analyze forensic artifacts from various disk and file formats....

The post Dissect: The Open-Source Framework for Large-Scale Host Investigations appeared first on Penetration Testing Tools.

SpyAgent 还可以接收来自 C2 的命令，以更改声音设置或发送短信，这些命令很可能用于发送钓鱼短信以传播恶意软件。

A vulnerability was found in Oracle Business Process Management Suite 12.2.1.4.0. It has been classified as critical. Affected is an unknown function of the component Runtime Engine. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2021-34429. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

今天我们来探讨一个近期在安全评估中发现的有趣问题——SeRelabelPrivilege 的滥用。

The Chinese-speaking group is launching sophisticated malware towards military and satellite targets globally.