Why Tehran’s Two-Tiered Internet Is So Dangerous

Iran is slowly emerging from the most severe communications blackout in its history and one of the longest in the world. Triggered as part of January's government crackdown against citizen protests nationwide, the regime implemented an internet shutdown that transcends the standard definition of...

EUVD-2006-2357

Malware in sbrugna...

EUVD-2009-0153

Malware in sbrugna...

MalFlows: Context-Aware Fusion of Heterogeneous Flow Semantics for Android Malware Detection

Static analysis, a fundamental technique in Android app examination, enables the extraction of control flows, data flows, and inter-component communications ICCs, all of which are essential for malware detection. However, existing methods struggle to leverage the semantic complementarity across...

CVE-2025-6521

During the initial setup of the device the user connects to an access point broadcast by the Sight Bulb Pro. During the negotiation, AES Encryption keys are passed in cleartext. If captured, an attacker may be able to decrypt communications between the management app and the Sight Bulb Pro which...

CVE-2025-24071

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network...

[SECURITY] Fedora 40 Update: prometheus-podman-exporter-1.14.0-1.fc40

Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information...

Microsoft Copilot Studio Information Disclosure Vulnerability

An authenticated attacker can bypass Server-Side Request Forgery SSRF protection in Microsoft Copilot Studio to leak sensitive information over a network...

CVE-2023-49092

RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is...

PT-2023-27777 · Dexgate · Dexgate

Name of the Vulnerable Software and Affected Versions: DexGate affected versions not specified Description: The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability. This may allow an attacker with access to the network, where clients have access to th...

Swiss Army knife For Information Security: What is Comprehensive Protection?

Written by Sergey Ozhegov, CEO of SearchInform In the early days of information security, we used to rely on antivirus and firewall in our arsenal. Once I even “caught” a leak with the help of the firewall logs: I noticed an atypically large data upload and found out that the user was uploading...

Arbitrary File Download Vulnerability in Huawei Technologies Co.

Huawei Technologies Co., Ltd. is a leading global information and communications technology ICT solutions provider. An arbitrary file download vulnerability exists in Huawei Technologies' Web-based network management system, which can be exploited by attackers to obtain sensitive information...

File Upload Vulnerability in Website Building System of Yue Information Network Co.

Shou Yueh Information Network Co., Ltd. is a company that combines the expertise of information network, marketing channel, and system software. A file upload vulnerability exists in the website builder system of Shouyue Information Network Co. An attacker could exploit this vulnerability to gain...

SQL Injection Vulnerability in Shouyue Information Network Co.

Shou Yueh Information Network Co., Ltd. is a company that combines the expertise of information network, marketing channel, and system software. A SQL injection vulnerability exists in Shouyue Information Network Co., Ltd.'s website system, which can be exploited by attackers to obtain sensitive...

SQL Injection Vulnerability in the Website System of Shouyue Information Network Corporation (CNVD-2020-40774)

Shou Yueh Information Network Co., Ltd. is a company that combines consulting network, marketing channels, and system software. A SQL injection vulnerability exists in Shouyue Information Network Co., Ltd.'s website system, which can be exploited by attackers to obtain sensitive information from...

Vulnerabilities in the Employment Information Network System of Beijing Rongzhi Chuangxiang Information Technology Co.

Beijing Rongzhi Chuangxiang Information Technology Co., Ltd, is a company engaged in Internet software development. An override access vulnerability exists in the Employment Information Network system, which can be exploited by attackers to obtain sensitive information...

SQL injection vulnerability exists in ne***.asp page of Zhuzhou Window Information Network Culture Technology Co.

Zhuzhou window information network culture technology limited company engaged in software development, network marketing and enterprise network informatization solutions. Zhuzhou Window Information Network Culture Technology Co., Ltd. station building system ne.asp page SQL injection vulnerabilit...

Arbitrary File Upload Vulnerability in Employment Information Network

Huimeng Software is committed to improving the information management level of enterprises or government organizations through professional products and services. The Employment Information Network has an arbitrary file upload vulnerability that can be exploited by an attacker to log in to the...

Radisys MRF - Command Injection Vulnerability

Exploit for cgi platform in category web applications Title: MRF Web Panel OS Command Injection Vendor: Radisys Vendor Homepage: http://www.radisys.com Product: MRF Web Panel SWMS Version: 9.0.1 CVE: CVE-2016-10043 CWE: CWE-78 Risk Level: High Discovery: Filippos Mastrogiannis, Loukas Alkis &...

Heze city science and technology information network suffered HackingTeam leakage of 0day vulnerabilities attack-exploit warning-the black bar safety net

For the attacker, the HackingTeam data leak certainly gives them a“spring”. Attackers in the data leak the next day it will be baked 0day vulnerabilities added to the mainstream exploit kits. Copy the leaked 0day attack HackingTeam leakage of various 0day information can be easily reused. In...