信息源 | 时间 | ||
---|---|---|---|
CVE
|
CVEnew | 原文
CVE-2022-21686 PrestaShop is an Open Source e-commerce platform. Starting with version 1.7.0.0 and ending with version 1.7.8.3, an attacker is able to... |
|
CVE
|
CVEnew | 原文
CVE-2021-32840 SharpZipLib (or #ziplib) is a Zip, GZip, Tar and BZip2 library. Prior to version 1.3.3, a TAR file entry `../evil.txt` may be extracted... |
|
CVE
|
CVEnew | 原文
CVE-2022-23967 In TightVNC 1.3.10, there is an integer signedness error and resultant heap-based buffer overflow in InitialiseRFBConnection in rfbprot... |
|
CVE
|
CVEnew | 原文
CVE-2022-23993 /usr/local/www/pkg.php in pfSense through 2.5.2 uses $_REQUEST['pkg_filter'] in a PHP echo call. |
|
CVE
|
CVEnew | 原文
CVE-2021-46385 |
|
CVE
|
CVEnew | 原文
CVE-2022-22852 A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the de... |
|
CVE
|
CVEnew | 原文
CVE-2022-22850 A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodtester Hospital's Patient Records Management System 1.0 via the de... |
|
CVE
|
CVEnew | 原文
CVE-2021-46114 jpress v 4.2.0 is vulnerable to RCE via io.jpress.module.product.ProductNotifyKit#doSendEmail. The admin panel provides a function thro... |
|
CVE
|
CVEnew | 原文
CVE-2022-23990 Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function. |
|
CVE
|
CVEnew | 原文
CVE-2021-46561 controller/org.controller/org.controller.js in the CVE Services API 1.1.1 before 5c50baf3bda28133a3bc90b854765a64fb538304 allows an org... |
|
CVE
|
CVEnew | 原文
CVE-2022-0368 Out-of-bounds Read in Conda vim prior to 8.2. |
|
CVE
|
CVEnew | 原文
CVE-2021-29846 IBM Security Guardium Insights 3.0 could allow an authenticated user to obtain sensitive information due to insufficient session expira... |
|
CVE
|
CVEnew | 原文
CVE-2021-29845 IBM Security Guardium Insights 3.0 could allow an authenticated user to perform unauthorized actions due to improper input validation. ... |
|
CVE
|
CVEnew | 原文
CVE-2021-29838 IBM Security Guardium Insights 3.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly ena... |
|
vx-underground
|
vxunderground | 原文
Re @ddd1ms @AShukuhi @MarcusBazzell @notakrook @briankrebs If @AShukuhi believes these videos jeopardize his (or anyone elses) safety we may upload an... |
|
vx-underground
|
vxunderground | 原文
Re @AShukuhi @MarcusBazzell @notakrook @briankrebs @ddd1ms To clarify: are you suggesting we should remove the video archive from YouTube? |
|
vx-underground
|
vxunderground | 原文
What people think Ransomware group operators look like |
|
Black Hat
|
BlackHatEvents | 原文
Hacking and Securing Cloud Infrastructure 2 Day | At this #BlackHat Spring Training, @notsosecure will cover both the theory a well as a number of mod... |
|
Black Hat
|
BlackHatEvents | 原文
Advanced Infrastructure Hacking 4 Day | At this #BHASIA Training, @notsosecure will cover a wide variety of neat, new and ridiculous techniques to com... |
|
yuange1975fuckwb
|
yuange1975fuckwb | 原文
员工被刺!360借条的鸡贼藏不住了这两天,360又卷入了一场巨大的舆论风波中。 不过,这次让360出位的不再是“红衣教主”周鸿祎的出格言论,而是一张照片—— 1月25日,网上流传出一张照片,一名西装革履的男子被警方从360公司扣押带走,周边围了一圈警察,举着警械严阵以待。 360很快给出回应,称此事 ...全文 |
|
tombkeeper
|
tombkeeper | 原文
五年过去。//@tombkeeper:三年过去,现在,发生在个人之间也不行了。上学时候么,就是做题家。上班了么,就是工贼。内卷解释一切。只要认为找到了一个解释,就舒坦了。卷卷卷,一卷解千愁。 |
|
tombkeeper
|
tombkeeper | 原文
听一位宣传口出身的老同志说,前面外宣对国内抗疫成果一直不太高调谈,就是怕刺激别的国家。但是,匹夫无罪,怀璧其罪,这个道理在人与人之间和国与国之间都是一样的。//@来去之间: 转发微博 |
|
GitHubDaily
|
GitHubDaily | 原文
去年在技术圈内,有不少知名项目被爆出存在严重漏洞,引起了不少开发者热议。有鉴于此,国内一位网络安全人员在 GitHub 开源了一款漏洞监控平台:Monitor。主要用于监测 GitHub、微软、CNNVD 等各大平台发布的最新技术漏洞信息,并将漏洞按不同危险等级进行划分,最后再通过企业微信和邮箱进行消息 ...全文 |
|
Bank Security
|
Bank_Security | 原文
BlueNoroff APT Cryptocurrency-Focused Attack. The group shifted focus from hitting banks and SWIFT-connected servers to solely cryptocurrency business... |
|
Rasta Mouse
|
_RastaMouse | 原文
Re @UK_Daniel_Card @joehelle For me it depends on what you’re actually trying to teach. It makes total sense for beginners, but after a point it beco... |
|
DEF CON
|
defcon | 原文
Re @TheKenMunroShow @IoTvillage @cybergibbons Thanks for the heads up. |
|
DEF CON
|
defcon | 原文
RT Corsin Camichel: for the next game night @defcon @defconparties @a41con |
|
☣ KitPloit - Hacker Tools
|
KitPloit | 原文
Ninjasworkout - Vulnerable NodeJS Web Application |
|
沈沉舟
|
沈沉舟 | 原文
顺便说一句,我不建议你在面试中也这样做,除非你真地知道你在做什么。有很多人也像这样干了,但他们没能通过面试。Larry Osterman系列--微软内部面试八卦 |
|
Nicolas Krassas
|
dinosn | 原文
Major Discord API outage prevents logins and voice chats |
|
Nicolas Krassas
|
dinosn | 原文
Ninjasworkout - Vulnerable NodeJS Web Application |
|
Nicolas Krassas
|
dinosn | 原文
TrickBot malware now crashes researchers’ devices to evade analysis |
|
Nicolas Krassas
|
dinosn | 原文
Apple fixes new zero-day exploited to hack macOS, iOS devices |
|
Nicolas Krassas
|
dinosn | 原文
RT BLASTY: Slightly revised copy of blasty-vs-pkexec.c available here: |
|
Rasta Mouse
|
_RastaMouse | 原文
Re @joehelle Almost willing to bet the motivation behind it is to reduce the number of support requests. |
|
Rasta Mouse
|
_RastaMouse | 原文
If you're an infosec content creator (blogger/YouTuber/streamer etc) and want to earn a bit of extra cash, check out our new affiliate program. |
|
Rasta Mouse
|
_RastaMouse | 原文
Re @digininja curl works fine for me. No SSL complaints. |
|
Rasta Mouse
|
_RastaMouse | 原文
RT [audible]blink: I really like the trend of process-driven blogs over results-driven ones. Especially when they include their failures. Thought I'd ... |
|
Hx01
|
Hxzeroone | 原文
RT Hussein Daher: It's finally live - I'm sorry for the time this took! The workshop I gave at @THREAT_CON is now live on Udemy for a discounted price... |
|
Emad Shanab - أبو عبد الله
|
Alra3ees | 原文
Penetration_Testing_POC:- Penetration testing-related POC, EXP, scripts, privilege escalation, gadgets, etc.xss cms php-getshell domainmod-xss penetra... |
|
Nicolas Krassas
|
Dinosn | 原文
People Are Still Getting Pwned A Week After A Crypto Hack Was Contained |
|
Nicolas Krassas
|
Dinosn | 原文
New York Fines EyeMed $600k After Data Breach Investigation Finds Security Flaws |
|
Nicolas Krassas
|
Dinosn | 原文
Bypassing Little Snitch Firewall with Empty TCP Packets |
|
Nicolas Krassas
|
Dinosn | 原文
Google sued over deceptive location tracking |
|
Nicolas Krassas
|
Dinosn | 原文
Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA |
|
Nicolas Krassas
|
Dinosn | 原文
VW fired senior employee after they raised cyber security concerns |
|
Nicolas Krassas
|
Dinosn | 原文
CVE-2021-44790: Code Execution on Apache via an Integer Underflow |
|
Nicolas Krassas
|
Dinosn | 原文
Cyber-Partisans hackers hit Belarus railroad system with ransomware attack |
|
Nicolas Krassas
|
Dinosn | 原文
Dontgo403 - Tool To Bypass 40X Response Codes |
|
Nicolas Krassas
|
Dinosn | 原文
Exploit for CVE-2021-4034 that does not leave syslog entries |