2025 – TNT Sécurité

Archives de l'Année

1
2
3
4	1 Articles archivés
5	2 Articles archivés
6	1 Articles archivés
7	2 Articles archivés
8
9
10
11
12

Your Information:

Your IP: 40.77.167.47

Country: United States

Flag:

Region: VA

City: Boydton

Browser: Chrome

System: Unknown OS Platform
Login
Outils

Swiss Army Suite (SAS) | 9.35 MB
Télécharger

Mango Keywords 3.4.1 | 25.26 MB
Télécharger

Dork Searcher V3 | 64.46 MB
Télécharger

Magic Dork V3.4.5 | 14.59 MB
Télécharger

SQLi Dorks Generator | 1.62 MB
Télécharger

SQLi Dumper 10.5 | 31.46 KB
Télécharger

Scan Now UPnP | 5.91 MB
ScanNowUPnP
Microsoft Office Pro 2024
Windows 11 Téléchargez le .ISO
Darwbeb avec Tails
Articles parlant de Metasploit
L’exploit KRACK affecte tous les périphériques Wi-Fi
Windows 10 Téléchargez le .ISO
Vulnérabilité DNS
Indésirable bloqué

0 indésirable bloqué par Akismet
Vitesse de connexion
Catégories

Cracking Différentes attaques Divers Encryption routeur Failles de sécurités Information Metasploit Microsoft Protection
Archives

TNT Hacking World
Articles récents
Search for:
Exploit Database
Common Vulnerability Database
- CVE-2024-58314 12 décembre 2025
  High Severity Description Atcom 100M IP Phones firmware version 2.7.x.x contains an authenticated command injection vulnerability in the web configuration CGI script that allows attackers to execute arbitrary system commands. Attackers can inject shell commands through the 'cmd' parameter in web_cgi_main.cgi, enabling remote code execution with administrative credentials. Read more at https://www.tenable.com/cve/CVE-2024-58314
- CVE-2024-58299 12 décembre 2025
  Critical Severity Description PCMan FTP Server 2.0 contains a buffer overflow vulnerability in the 'pwd' command that allows remote attackers to execute arbitrary code. Attackers can send a specially crafted payload during the FTP login process to overwrite memory and potentially gain system access. Read more at https://www.tenable.com/cve/CVE-2024-58299
- CVE-2025-14572 12 décembre 2025
  High Severity Description A vulnerability was found in UTT 进取 512W up to 1.7.7-171114. This affects an unknown part of the file /goform/formWebAuthGlobalConfig. Performing manipulation of the argument hidcontact results in memory corruption. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early […]
- CVE-2025-8082 12 décembre 2025
  Medium Severity Description Improper neutralization of the title date in the 'VDatePicker' component in Vuetify, allows unsanitized HTML to be inserted into the page. This can lead to a Cross-Site Scripting (XSS) https://owasp.org/www-community/attacks/xss attack. The vulnerability occurs because the 'title-date-format' property of the 'VDatePicker' can accept a user created function and assign its output to […]
- CVE-2025-14568 12 décembre 2025
  Medium Severity Description A security vulnerability has been detected in haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0. This impacts an unknown function of the file model/User.php. The manipulation of the argument employee_id/id/admin leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. Continious delivery with rolling releases […]
Bugtraq
- Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) 5 décembre 2025
  Posted by Yuffie Kisaragi via Fulldisclosure on Dec 05Advisory ID: CONVERCENT-2025-001 Title: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group) Date: 2025-12-04 Vendor: EQS Group Product: Convercent Whistleblowing Platform (app.convercent.com) Severity: Critical CVSS v4.0 Base Score: 9.3 Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N Summary A series of security weaknesses were identified in the Convercent...
- 8 vulnerabilities in AudioCodes Fax/IVR Appliance 2 décembre 2025
  Posted by Pierre Kim on Dec 01## Advisory Information Title: 8 vulnerabilities in AudioCodes Fax/IVR Appliance Advisory URL: https://pierrekim.github.io/advisories/2025-audiocodes-fax-ivr.txt Blog URL: https://pierrekim.github.io/blog/2025-11-20-audiocodes-fax-ivr-8-vulnerabilities.html Date published: 2025-11-20 Vendors contacted: Audiocodes Release mode: Released CVE: CVE-2025-34328, CVE-2025-34329, CVE-2025-34330, CVE-2025-34331, CVE-2025-34332, CVE-2025-34333,...
- 2 vulnerabilities in Egovframe 2 décembre 2025
  Posted by Pierre Kim on Dec 01## Advisory Information Title: 2 vulnerabilities in Egovframe Advisory URL: https://pierrekim.github.io/advisories/2025-egovframe.txt Blog URL: https://pierrekim.github.io/blog/2025-11-20-egovframe-2-vulnerabilities.html Date published: 2025-11-20 Vendors contacted: KISA/KrCERT Release mode: Released CVE: CVE-2025-34336, CVE-2025-34337 ## Product description Egovframe is a Java-based framework mainly used in the websites of the Government of...
- [REVIVE-SA-2025-005] Revive Adserver Vulnerability 2 décembre 2025
  Posted by Matteo Beccati on Dec 01======================================================================== Revive Adserver Security Advisory REVIVE-SA-2025-005 ------------------------------------------------------------------------ https://www.revive-adserver.com/security/revive-sa-2025-005 ------------------------------------------------------------------------ Date: 2025-11-26 Risk Level: Medium Applications affected: Revive...
- Missing Critical Security Headers in Legality WHISTLEBLOWING 2 décembre 2025
  Posted by Aerith Gainsborough via Fulldisclosure on Dec 01Advisory ID: LEGALITYWHISTLEBLOWING-2025-001 Title: Missing Critical Security Headers in Legality WHISTLEBLOWING Date: 2025-11-29 Vendor: DigitalPA (segnalazioni.net) Severity: High CVSS v3.1 Base Score: 8.2 (High) Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N Summary: Multiple public deployments of Legality WHISTLEBLOWING by DigitalPA are missing essential HTTP security headers. This misconfiguration exposes users to client-side […]