vulnerability

Zero Day Initiative Advisories (published) 2025-06-10 阅读缓存

ZDI-25-332: Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability

收藏阅读缓存
Penetration Testing 2025-06-10 vulnerability · cybersecurity · data breach · geospatial · geotools · java · remote code execution · xml external entity · xxe 阅读缓存

CVSS 9.9: Critical XXE Flaw in GeoTools Exposes Geospatial Data Systems

收藏阅读缓存
Penetration Testing 2025-06-10 vulnerability report · administrator · cve-2025-4601 · cybersecurity · privilege escalation · realhomes · themeforest · vulnerability · website security · wordfence 阅读缓存

CVE-2025-4601: Flaw Exposes 33,000+ RealHomes WordPress Sites to Admin Takeover

收藏阅读缓存
Penetration Testing 2025-06-10 vulnerability report · cisa · cve-2024-42009 · cve-2025-32433 · cybersecurity · erlang/otp · exploit · kev catalog · rce · roundcube 阅读缓存

CISA Flags Active Exploits in Erlang/OTP SSH and Roundcube Webmail: Critical RCE and XSS Flaws Under Attack

收藏阅读缓存
Penetration Testing 2025-06-10 vulnerability report · cve-2025-48757 · cybersecurity · data breach · linkable · lovable · low-code · rls · row-level security · supabase 阅读缓存

CVE-2025-48757: Lovable’s Row-Level Security Breakdown Exposes Sensitive Data Across Hundreds of Projects

收藏阅读缓存
Penetration Testing 2025-06-10 vulnerability report · authentication bypass · cve-2025-41646 · cybersecurity · ics · industrial automation · industrial control systems · kunbus · revpi webstatus · vulnerability 阅读缓存

CVE-2025-41646: Critical Authentication Bypass in RevPi Webstatus Threatens Industrial Systems

收藏阅读缓存
Penetration Testing 2025-06-09 vulnerability · apache kafka · cybersecurity · jaas · kafka connect · kafka security · remote code execution · ssrf 阅读缓存

Apache Kafka Clients at Risk: File Reads, SSRF, and RCE Exploits Trigger Urgent Security Fixes

收藏阅读缓存
Penetration Testing 2025-06-09 malware · vulnerability report · akamai · botnet · cve-2025-24016 · cyberattack · iot · mirai · rce · security 阅读缓存

Critical Wazuh RCE (CVE-2025-24016) Actively Exploited by Mirai Botnets

收藏阅读缓存
不安全 2025-06-09 阅读缓存

Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks

收藏阅读缓存
Blog 2025-06-09 阅读缓存

Two Botnets, One Flaw: Mirai Spreads Through Wazuh Vulnerability

收藏阅读缓存
Penetration Testing 2025-06-09 vulnerability · cybersecurity · enterprise security · exchange reporter plus · exchange server · manageengine · rce · remote code execution 阅读缓存

Critical 9.6 CVSS RCE: ManageEngine Exchange Reporter Plus Vulnerability Discovered!

收藏阅读缓存
Penetration Testing 2025-06-09 vulnerability report · account takeover · cve-2025-31022 · cybersecurity · payu commercepro · plugin · unpatched · vulnerability · web security · woocommerce 阅读缓存

Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover!

收藏阅读缓存
Penetration Testing 2025-06-09 vulnerability · appcontainer · cybersecurity · exploit · microsoft bfs · poc · privilege escalation · race condition · use after free · uwp 阅读缓存

Microsoft BFS Flaws Expose Windows to Privilege Escalation – PoC Code Released

收藏阅读缓存
Penetration Testing 2025-06-09 vulnerability · cybersecurity · data compromise · file station 5 · network storage · qnap · qsync central · remote code execution · security update · sql injection 阅读缓存

QNAP Fixes SQL Injection and Certificate Validation Flaws in Qsync Central and File Station 5

收藏阅读缓存
Penetration Testing 2025-06-09 vulnerability report · b. braun · cve-2025-3322 · cybersecurity · healthcare · it security · medical devices · onlinesuite ap 3.0 · patient safety · rce 阅读缓存

Critical CVSS 10.0 Flaws in B. Braun OnlineSuite Threaten Healthcare Infrastructure

收藏阅读缓存
Penetration Testing 2025-06-09 cyber security · vulnerability report · apt · cert polska · credential theft · cve-2024-42009 · cybersecurity · roundcube · spear-phishing · unc1151 阅读缓存

UNC1151 Exploits Roundcube Flaw in Spear Phishing Attack

收藏阅读缓存
Penetration Testing 2025-06-09 vulnerability report · crypto/x509 · cve · cybersecurity · go · golang · net/http · os · security vulnerability · software update 阅读缓存

Go Fixes Three Security Flaws: Update Your Apps Now!

收藏阅读缓存
Penetration Testing 2025-06-09 vulnerability report · aws amplify · ci/cd security · cve-2025-4318 · javascript exploits · node.js · poc exploit · remote code execution · web development security 阅读缓存

CVE-2025-4318 (CVSS 9.5): AWS Amplify RCE Flaw Exposed with PoC – CI/CD Pipelines at Risk

收藏阅读缓存
Penetration Testing 2025-06-08 malware · vulnerability report · botnet · cve-2024-3721 · cybersecurity · ddos · dvr · iot security · mirai · surveillance 阅读缓存

New Mirai Botnet Variant Targets DVR Systems via CVE-2024-3721

收藏阅读缓存
Penetration Testing 2025-06-08 vulnerability · deserialization · exploit · php · php object injection · poc · rce · security · vbulletin 阅读缓存

Legacy vBulletin 4.x Patch Backfires: RCE via Signed Base64 Payloads and a Full PoC

收藏阅读缓存
Penetration Testing 2025-06-07 vulnerability report · console hacking · cybersecurity · david buchanan · exploit · gaming · nintendo switch 2 · rop · userland · vulnerability 阅读缓存

Nintendo Switch 2 Hacked? Early Exploit Uncovered!

收藏阅读缓存
Penetration Testing 2025-06-07 vulnerability report · ci/cd · cross-site scripting · cve-2025-5806 · cybersecurity · devops · gatling plugin · jenkins · security advisory · vulnerability 阅读缓存

Unpatched XSS Vulnerability in Jenkins Gatling Plugin Puts Users at Risk (CVE-2025-5806)

收藏阅读缓存
Penetration Testing 2025-06-07 vulnerability report · cisa · critical infrastructure · cve-2025-30184 · cyberdata · cybersecurity · industrial control systems · patch now · remote code execution · sip intercom 阅读缓存

CISA Alert: Critical Vulnerabilities Found in CyberData SIP Emergency Intercom Devices

收藏阅读缓存
Zero Day Initiative Advisories (published) 2025-06-06 阅读缓存

ZDI-25-331: Autodesk Revit RFA File Parsing Use-After-Free Remote Code Execution Vulnerability

收藏阅读缓存
Zero Day Initiative Advisories (published) 2025-06-06 阅读缓存

ZDI-25-330: (0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger Management Card Hard-coded Credentials Authentication Bypass Vulnerability

收藏阅读缓存
Zero Day Initiative Advisories (published) 2025-06-06 阅读缓存

ZDI-25-329: (0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger tuya_svc_devos_activate_result_parse Heap-based Buffer Overflow Remote Code Execution Vulnerability

收藏阅读缓存
Zero Day Initiative Advisories (published) 2025-06-06 阅读缓存

ZDI-25-328: (0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized Variable Authentication Bypass Vulnerability

收藏阅读缓存
Zero Day Initiative Advisories (published) 2025-06-06 阅读缓存

ZDI-25-327: (0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method Remote Code Execution Vulnerability

收藏阅读缓存
Zero Day Initiative Advisories (published) 2025-06-06 阅读缓存

ZDI-25-326: (0Day) (Pwn2Own) WOLFBOX Level 2 EV Charger MCU Command Parsing Misinterpretation of Input Remote Code Execution Vulnerability

收藏阅读缓存
Penetration Testing 2025-06-06 vulnerability report · apple · apt group · cybersecurity · imessage · ios security · mobile security · nickname vulnerability · state-sponsored attacks · surveillance 阅读缓存

New Zero-Click iPhone Exploit “NICKNAME” Targeted High-Profile Individuals Across the US and EU

收藏阅读缓存