6 liens privés
CVE-2023-2825 is a path traversal vulnerability that enables an unauthenticated user to read arbitrary files on the server.
Les pirates exploitent activement une faille de sécurité qui touche de nombreux appareils Samsung sous Android 11, 12 et 13. La marque incite les utilisateurs à mettre à jour leurs appareils le plus rapidement possible.
Contribute to vdohney/keepass-password-dumper development by creating an account on GitHub.
Hackers are actively exploiting a recently fixed vulnerability in the WordPress Advanced Custom Fields plugin
The loader, which was documented by Morphisec last month, is designed to check the system's graphic card to determine if it's running on a virtual machine or in a sandbox environment, and ultimately launch the Aurora information stealer malware.
The campaign, per Malwarebytes, has claimed 585 victims over the past two months, with the threat
A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level, allowing complete control over a system.
What is SMBGhost SMBGhost (CVE-2020-0796) is a vulnerability affecting SMB 3.1, and more precisely one of its decompression function. As SMB 3.1 added support for data compression in order to save bandwidth, it added a decompression function presenting an integer overflow resulting in multiple subsequent buffer overflows. Those buffer overflows are exploitable in a way […]
The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to write, update, or delete SQL databases regardless of their permissions.
ollowed by repeatedly spoofing a request to that service with a victim's IP as the source address.
Sophos addressed three vulnerabilities in Sophos Web Appliance, including a critical flaw that can lead to code execution.
Latest Research by our Team
Une version tojanisée du logiciel populaire VOIP/PBX fait actuellement la une de l’actualité : voici les actions menées par les chasseurs et les défenseurs.
A recently patched security vulnerability in the Elementor Pro website builder plugin for WordPress is being exploited.
Un défaut de contrôle des données saisies par l’utilisateur dans OpenSSH permet à un attaquant non authentifié, en envoyant des requêtes spécifiquement forgées, de téléverser sa clé SSH privée