2025 – TNT Sécurité

Archives de l'Année

1
2
3
4	1 Articles archivés
5	2 Articles archivés
6	1 Articles archivés
7	2 Articles archivés
8
9
10
11
12

Your Information:

Your IP: 216.73.216.158

Country: United States

Flag:

Region: OH

City: Columbus

Browser: Unknown

System: Unknown OS Platform
Login
Outils

Swiss Army Suite (SAS) | 9.35 MB
Télécharger

Mango Keywords 3.4.1 | 25.26 MB
Télécharger

Dork Searcher V3 | 64.46 MB
Télécharger

Magic Dork V3.4.5 | 14.59 MB
Télécharger

SQLi Dorks Generator | 1.62 MB
Télécharger

SQLi Dumper 10.5 | 31.46 KB
Télécharger

Scan Now UPnP | 5.91 MB
ScanNowUPnP
Microsoft Office Pro 2024
Windows 11 Téléchargez le .ISO
Darwbeb avec Tails
Articles parlant de Metasploit
L’exploit KRACK affecte tous les périphériques Wi-Fi
Windows 10 Téléchargez le .ISO
Vulnérabilité DNS
Indésirable bloqué

0 indésirable bloqué par Akismet
Vitesse de connexion
Catégories

Cracking Différentes attaques Divers Encryption routeur Failles de sécurités Information Metasploit Microsoft Protection
Archives

TNT Hacking World
Articles récents
Search for:
Exploit Database
Common Vulnerability Database
- CVE-2025-53950 16 octobre 2025
  Medium Severity Description An Exposure of Private Personal Information ('Privacy Violation') vulnerability [CWE-359] in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1. through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated administrator to collect […]
- CVE-2025-54658 16 octobre 2025
  High Severity Description An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1 through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated attacker […]
- CVE-2025-9955 16 octobre 2025
  Medium Severity Description An improper access control vulnerability exists in WSO2 Enterprise Integrator product due to insufficient permission restrictions on internal SOAP admin services related to system logs and user-store configuration. A low-privileged user can access log data and user-store configuration details that are not intended to be exposed at that privilege level. While no […]
- CVE-2025-10611 16 octobre 2025
  Critical Severity Description Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation. Successful exploitation of this vulnerability could lead to a malicious actor gaining administrative access and performing unauthenticated and unauthorized administrative operations. Read […]
- CVE-2025-9804 16 octobre 2025
  High Severity Description An improper access control vulnerability exists in multiple WSO2 products due to insufficient permission enforcement in certain internal SOAP Admin Services and System REST APIs. A low-privileged user may exploit this flaw to perform unauthorized operations, including accessing server-level information. This vulnerability affects only internal administrative interfaces. APIs exposed through the WSO2 […]
Bugtraq
- Re: Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS) 16 octobre 2025
  Posted by Gynvael Coldwind on Oct 15Vendor Response Pattern Hi Christopher, Vendor is correct with this one. The problem isn't the vendor's site – it's that the browser is already pwned with the malicious browser extension (this is site-agnostic). You've mentioned "No user interaction required beyond normal application usage.", but having "Malicious browser extension" installed […]
- Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com (JWT Leakage, IDOR, DoS) 14 octobre 2025
  Posted by Christopher Dickinson via Fulldisclosure on Oct 13Security Advisory: Multiple High-Severity Vulnerabilities in Suno.com CVE Identifiers * CVE-2025-[PENDING] - Excessive Data Exposure / JWT Token Leakage * CVE-2025-[PENDING] - Broken Object Level Authorization (IDOR) * CVE-2025-[PENDING] - Unrestricted Resource Consumption (DoS) Executive Summary This security advisory details three significant vulnerabilities discovered in the Suno.com […]
- [SBA-ADV-20250730-01] CVE-2025-39664: Checkmk Path Traversal 14 octobre 2025
  Posted by SBA Research Security Advisory via Fulldisclosure on Oct 13# Checkmk Path Traversal # Link: https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250730-01_Checkmk_Path_Traversal ## Vulnerability Overview ## Checkmk in versions before 2.4.0p13, 2.3.0p38 and 2.2.0p46, as well as since version 2.1.0b1 is prone to a path traversal vulnerability in the report scheduler. Due to an insufficient validation of a file name […]
- [SBA-ADV-20250724-01] CVE-2025-32919: Checkmk Agent Privilege Escalation via Insecure Temporary Files 14 octobre 2025
  Posted by SBA Research Security Advisory via Fulldisclosure on Oct 13# Checkmk Agent Privilege Escalation via Insecure Temporary Files # Link: https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20250724-01_Checkmk_Agent_Privilege_Escalation_via_Insecure_Temporary_Files ## Vulnerability Overview ## The `win_license` plugin as included in Checkmk agent for Windows versions before 2.4.0p13, 2.3.0p38 and 2.2.0p46, as well as since version 2.1.0b2 and 2.0.0p28 allows low privileged users to […]
- CVE-2025-59397 - Open Web Analytics SQL Injection 9 octobre 2025
  Posted by Seralys Research Team via Fulldisclosure on Oct 08 Seralys Security Advisory | https://www.seralys.com/research ====================================================================== Title: SQL Injection Vulnerability Product: Open Web Analytics (OWA) Affected: Confirmed on 1.8.0 (older versions likely affected) Fixed in: 1.8.1 Vendor: Open Web Analytics (open-source) Discovered: August 2025 Severity: HIGH CWE: CWE-89: SQL Injection CVE: CVE-2025-59397...