SeaCMS 安全漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS v13.3, which stems from mishandling of the admintopic.php component, which could lead to SQL...

Enhancing the Cloud Security through Topic Modelling

Protecting cloud applications is crucial in an age where security constantly threatens the digital world. The inevitable cyber-attacks throughout the CI/CD pipeline make cloud security innovations necessary. This research is motivated by applying Natural Language Processing NLP methodologies, suc...

The Dark Side of the Web: Towards Understanding Various Data Sources in Cyber Threat Intelligence

Cyber threats have become increasingly prevalent and sophisticated. Prior work has extracted actionable cyber threat intelligence CTI, such as indicators of compromise, tactics, techniques, and procedures TTPs, or threat feeds from various sources: open source data e.g., social networks, internal...

CVE-2025-3797

A vulnerability classified as critical was found in SeaCMS up to 13.3. This vulnerability affects unknown code of the file /admintopic.php?action=delall. The manipulation of the argument eid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

SeaCMS 注入漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. An injection vulnerability exists in SeaCMS 13.3 and earlier versions, which stems from an SQL injection due to the operation of the...

CVE-2025-30357

CVE-2025-30357 affects NamelessMC forum software. In versions ≤ 2.1.4, a malicious user posting spam across topics could trigger deletion of that user by an admin, which would cause all that user’s posts (and in turn related topics by unrelated users) to be marked as deleted. The issue has been p...

NamelessMC 安全漏洞

NamelessMC is a free, easy to use and powerful website software from the NamelessMC team. For your Minecraft server, which contains tons of features. A security vulnerability exists in NamelessMC 2.1.4 and earlier versions that stems from the fact that deleting a malicious account causes the...

CVE-2025-22034

In the Linux kernel, the following vulnerability has been resolved: mm/gup: reject FOLLSPLITPMD with hugetlb VMAs Patch series "mm: fixes for device-exclusive entries hmm", v2. Discussing the PageTail call in makedeviceexclusiverange with Willy, I recently discovered 1 that device-exclusive...

MyBB 安全漏洞

MyBB MyBulletinBoard is a free and web-based forum software developed by MYBB team using PHP and MySQL. The software is characterized by its simplicity, multi-language support and extensibility. A security vulnerability exists in MyBB version 1.8.38, which stems from the mishandling of the Import...

CVE-2025-27149 Zulip exports can leak private data

Zulip server provides an open-source team chat that helps teams stay productive and focused. Prior to 10.0, the data export to organization administrators feature in Zulip leaks private data. The collection of user-agent types identifying specific integrations or HTTP libraries E.g.,...

Creating Scripts to Identify Vulnerable SMTP Servers

This whitepaper covers how to create Nmap scripts to identify banners and versions of SMTP servers. It also covers methods to mitigate the public visibility of banners and version information on SMTP servers. Written in Portuguese...

CVE-2025-2043

A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and classified as critical. This issue affects some unknown processing of the file /adminthemes of the component Add New Topic Handler. The manipulation of the argument Topic Key leads to deserialization. The attack may be initiated remotely...

CVE-2025-2043

A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and classified as critical. This issue affects some unknown processing of the file /adminthemes of the component Add New Topic Handler. The manipulation of the argument Topic Key leads to deserialization. The attack may be initiated remotely...

CVE-2025-2043

LinZhaoguan pb-cms 1.0.0 contains a deserialization flaw in the Add New Topic Handler when processing Topic Key in /admin#themes. This remote-native exploit may be used to trigger deserialization and is described as critical in CVE-2025-2043. Multiple sources corroborate the issue and its public ...

CVE-2025-2043 LinZhaoguan pb-cms Add New Topic admin#themes deserialization

A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and classified as critical. This issue affects some unknown processing of the file /adminthemes of the component Add New Topic Handler. The manipulation of the argument Topic Key leads to deserialization. The attack may be initiated remotely...

pb-cms 代码问题漏洞

pb-cms waterfall content management system is a content management system by LinZhaoguan Personal Developer. A code issue vulnerability exists in pb-cms version 1.0.0, which stems from an incorrect operation of the parameter Topic Key that can lead to deserialization...

CVE-2025-0681

CVE-2025-0681 concerns New Rock Technologies Cloud Connected Devices. The Cloud MQTT service supports wildcard topic subscriptions, enabling an attacker to tap service communications and potentially obtain sensitive information. Documented impact is information disclosure via local access to the ...

CVE-2024-50695

SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks...

CVE-2024-50695

SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow when parsing MQTT messages, due to missing MQTT topic bounds checks...

PT-2025-2886 · Sungrow · Sungrow Winet-Sv200

Name of the Vulnerable Software and Affected Versions: SunGrow WiNet-SV200 versions 0.001.00.P027 and earlier Description: The issue is related to a stack-based buffer overflow that occurs when parsing MQTT messages, due to missing checks on the bounds of MQTT topics. This can lead to a buffer...