Aggregator

APT组织Lazarus 在Rootkit（获取内核权限）攻击中使用了微软的0day漏洞;APT组织Kimsuky利用软件公司产品安装程序进行伪装展开攻击;NoName057(16)组织DDoSia项目持续更新;

A vulnerability, which was classified as problematic, was found in DeBAAT WP Media Category Management Plugin up to 2.2 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-32950. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in BloomPixel Max Addons Pro for Bricks Plugin up to 1.6.1 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-32952. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Rometheme Kit For Elementor Plugin up to 1.4.1 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-32956. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Leap13 Premium Addons for Elementor Plugin up to 4.10.25 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-32791. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in ShapedPlugin Widget Post Slider Plugin up to 1.3.5 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-32801. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Coupon & Discount Code Reveal Button Plugin up to 1.2.5 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-32722. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in Repute InfoSystems ARForms Plugin up to 6.4 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-32702. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in GhozyLab Image Slider Widget Plugin up to 1.1.125 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-32707. The attack may be launched remotely. There is no exploit available.

2025年3月24日，日本在东京防卫省总部正式成立了自卫队联合作战司令部（Joint Operations

2025年3月24日，日本在东京防卫省总部正式成立了自卫队联合作战司令部（Joint Operations

2025年3月24日，日本在东京防卫省总部正式成立了自卫队联合作战司令部（Joint Operations

A vulnerability was found in Assimp 5.4.3. It has been declared as critical. This vulnerability affects the function SkipSpacesAndLineEnd. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2024-53425. Access to the local network is required for this attack to succeed. There is no exploit available.

APKDeepLens APKDeepLens is a Python-based tool designed to scan Android applications (APK files) for security vulnerabilities. It specifically targets the OWASP Top 10 mobile vulnerabilities, providing an easy and efficient way for developers, penetration...

The post APKDeepLens: scan Android applications for security vulnerabilities appeared first on Penetration Testing Tools.