Aller au contenu
Skip to CUSTOM_HTML-19
Skip to RECENT-POSTS-2
Skip to SEARCH-2
Skip to CUSTOM_HTML-2
Skip to RSS-5
Skip to RSS-4
Skip to BLOCK-2
Skip to META-2
Skip to LISTPACKAGES-2
Skip to CUSTOM_HTML-6
Skip to CUSTOM_HTML-17
Skip to CUSTOM_HTML-16
Skip to CUSTOM_HTML-11
Skip to CUSTOM_HTML-5
Skip to CUSTOM_HTML-7
Skip to CUSTOM_HTML-8
Skip to AKISMET_WIDGET-2
Skip to CUSTOM_HTML-9
Skip to TAG_CLOUD-2
Skip to ARCHIVES-2
Skip to CUSTOM_HTML-13
Skip to CUSTOM_HTML-18
Skip to CUSTOM_HTML-15
Attention à vos informations.
TNT Sécurité
Attention à vos informations.
Shrunk
Expand
Navigation Principale
Open
Contactez-moi
Page de maintenance
Section Privée
Open
Archives du Mois
« février
octobre »
juin
2017
1
2
3
4
5
6
Forcer le débranchement d'un périphérique sur votre réseau
2017-06-06 14:25:16
TNT Sécurité
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
Comment hacker Windows à l'aide d'un "Malware"
2017-06-27 13:54:25
TNT Sécurité
28
29
30
TNT Hacking World
Articles récents
Comment installer SilverBullet Pro 1.5.8
Comment les Hackers utilisent OpenBullet 2 pour accéder vos comptes.
Comment installer/configurer OpenBullet 2
Comment les hackers créent des combo lists
Burp Suite Pro 2025
Microsoft Office Pro 2024 LTSC
Evil Portal pour envoyer un payload à un client.
Comment contourner Microsoft Defender et établir une session Meterpreter avec persistence.
Téléchargez le ISO de Windows 11
Office 2021 Pro LTSC
Search for:
Exploit Database
Common Vulnerability Database
CVE-2026-1126
18 janvier 2026
Medium Severity Description A security vulnerability has been detected in lwj flow up to a3d2fe8133db9d3b50fda4f66f68634640344641. This affects the function uploadFile of the file \flow-master\flow-front-rest\src\main\java\com\dragon\flow\web\resource\flow\FormResource.java of the component SVG File Handler. The manipulation of the argument File leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been disclosed publicly […]
CVE-2026-0863
18 janvier 2026
High Severity Description Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissions and can lead to a full n8n instance takeover on instances […]
CVE-2026-1124
18 janvier 2026
Medium Severity Description A security flaw has been discovered in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /worksheet/work_report.jsp of the component HTTP GET Parameter Handler. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been released […]
CVE-2026-1125
18 janvier 2026
Medium Severity Description A weakness has been identified in D-Link DIR-823X 250416. Affected by this issue is the function sub_412E7C of the file /goform/set_wifidog_settings. Executing a manipulation of the argument wd_enable can lead to command injection. The attack can be executed remotely. The exploit has been made available to the public and could be used […]
CVE-2026-1123
18 janvier 2026
Medium Severity Description A vulnerability was identified in Yonyou KSOA 9.0. Affected is an unknown function of the file /worksheet/work_mod.jsp of the component HTTP GET Parameter Handler. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used. The vendor was […]
Bugtraq
[REVIVE-SA-2026-001] Revive Adserver Vulnerabilities
15 janvier 2026
Posted by Matteo Beccati on Jan 14======================================================================== Revive Adserver Security Advisory REVIVE-SA-2026-001 ------------------------------------------------------------------------ https://www.revive-adserver.com/security/revive-sa-2026-001 ------------------------------------------------------------------------ Date: 2026-01-14 Risk Level: High Applications affected: Revive...
Defense in depth -- the Microsoft way (part 95): the (shared) "Start Menu" is dispensable
11 janvier 2026
Posted by Stefan Kanthak via Fulldisclosure on Jan 10Hi @ll, the following is a condensed form of and . Windows Vista moved the shared start menu from "%ALLUSERSPROFILE%\Start Menu\" to "%ProgramData%\Microsoft\Windows\Start Menu\", with some shortcuts (*.lnk) "reflected" from the (immutable) component store below %SystemRoot%\WinSxS\ JFTR:...
Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
11 janvier 2026
Posted by Art Manion via Fulldisclosure on Jan 10Hi, CVE IDs *can* be assigned for SaaS or similarly "cloud only" software. For a period of time, there was a restriction that only the provider could make or request such an assignment. But the current CVE rules remove this restriction: 4.2.3 CNAs MUST NOT consider the […]
RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in RIOT ethos Serial Frame Parser
11 janvier 2026
Posted by Ron E on Jan 10A stack-based buffer overflow vulnerability exists in the RIOT OS ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the _handle_char() function, where incoming frame bytes are appended to a fixed-size stack buffer (serial->frame) without verifying that the current write index […]
RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in tapslip6 Utility via Unbounded Device Path Construction
11 janvier 2026
Posted by Ron E on Jan 10A stack-based buffer overflow vulnerability exists in the tapslip6 utility distributed with RIOT OS (and derived from the legacy uIP/Contiki networking tools). The vulnerability is caused by unsafe string concatenation in the devopen() function, which constructs a device path using unbounded user-controlled input. Specifically, tapslip6 uses strcpy() and strcat() […]