7028 matches found
CISA Releases Nine Industrial Control Systems Advisories
CISA released nine Industrial Control Systems ICS advisories on September 18, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-261-01 Westermo Network Technologies WeOS 5 ICSA-25-261-02 Westermo Network...
ctf-tasks
This is a CTF Capture The Flag challenge repository from the CONFidence CTF 2014 event. The repository contains several files and directories related to two tasks: "Crypto Machine" and "Memory". Crypto Machine The "Crypto Machine" task is a reverse engineering challenge that involves exploiting a...
CTFium
This is a collection of CTF Capture The Flag writeups by PersianCats. It is a repository of technical writeups for various CTF challenges from different events. The writeups cover a range of topics, including exploitation of vulnerabilities, reverse engineering, and binary analysis. The repositor...
CTF-All-In-One
This is a repository for a book titled "CTF-All-In-One" by firmianay. The book is a comprehensive guide to CTF Capture The Flag competitions, covering various topics such as Linux, Web security, reverse engineering, and cryptography. The repository contains the source code and materials for the...
hackingtool
This is an offensive tool for penetration testing and hacking. It is a collection of various tools for different types of attacks, including information gathering, web attacks, SQL injection, phishing, and more. The tool is written in Python and is designed to be run on Linux systems, including...
pwntools
This is a CTF framework and exploit development library. It is a Python library for exploit development and reverse engineering. The library provides a set of tools for creating and executing exploits, as well as for analyzing and debugging binary files. The library is designed to be extensible a...
hackingtool-v5.1
All in One Hacking tool For Hackers🥇 !https://img.shields...
hackingtool
This is an all-in-one hacking tool for hackers, written in Python. The tool is designed to be run on Linux, Kali Linux, or Parrot OS. It provides a menu-driven interface for various hacking tasks, including information gathering, wireless attacks, SQL injection, phishing, web attacks,...
CVE-2025-41701
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. These arbitrary commands are executed in the user context...
Daikin Europe N.V Security Gateway
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to the system. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...
MAL-2025-47060 Malicious code in frontend-eng-interview (npm)
The package frontend-eng-interview was found to contain malicious code. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f09fffefe345d37955487a3e97f7811a5efdbd3449f11fbaac021e1d542b3793 Any computer that has this package installed or running should be considered full...
CVE-2025-41701
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. These arbitrary commands are executed in the user context...
CVE-2025-41701 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. These arbitrary commands are executed in the user context...
CVE-2025-41701 Beckhoff: Deserialization of untrusted data by TwinCAT 3 Engineering
An unauthenticated attacker can trick a local user into executing arbitrary commands by opening a deliberately manipulated project file with an affected engineering tool. These arbitrary commands are executed in the user context...
CVE-2025-41701
Beckhoff TwinCAT 3 Engineering contains a vulnerability (CVE-2025-41701) where deserialization of untrusted data can be triggered by a manipulated project file, allowing an unauthenticated local attacker to execute arbitrary commands in the user’s context. The available connected sources confirm ...
Rockwell Automation 1783-NATR
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause a memory corruption on the product. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure...
Rockwell Automation Analytics LogixAI
RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to access sensitive information. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize network exposure for all...
CVE-2025-57766
Fides is an open-source privacy engineering platform. Prior to version 2.69.1, admin UI user password changes in Fides do not invalidate active user sessions, creating a vulnerability chaining opportunity where attackers who have obtained session tokens through other attack vectors such as XSS ca...
CVE-2025-57766 Fides's Admin UI User Password Change Does Not Invalidate Current Session
Fides is an open-source privacy engineering platform. Prior to version 2.69.1, admin UI user password changes in Fides do not invalidate active user sessions, creating a vulnerability chaining opportunity where attackers who have obtained session tokens through other attack vectors such as XSS ca...
Fides 安全漏洞
Fides is an open source privacy engineering platform open-sourced by Ethyca to manage the implementation of data privacy requests in the runtime environment and the enforcement of privacy regulations in code. A security vulnerability exists in versions of Fides prior to 2.69.1 that stems from a...