Watch out for your information.
TNT Sécurité
BurpSuite_Pro_Script
Posted on 22 May 2025 7:19 pm by TNT Sécurité
Script
TNT Hacking World
Recent posts
How to install SilverBullet Pro 1.5.8
How hackers use OpenBullet 2 to access your accounts.
How to install/configure OpenBullet 2
How hackers create combo lists
Burp Suite Pro 2025
Microsoft Office Pro 2024 LTSC
Evil Portal to send a payload to a client.
How to bypass Microsoft Defender and establish a Meterpreter session with persistence.
Download the Windows 11 ISO
Office 2021 Pro LTSC
Exploit Database
Common Vulnerability Database
CVE-2025-67246
15 January 2026
Medium Severity. Description: A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresses. The handler maps arbitrary physical memory via […]
CVE-2025-67076
15 January 2026
High Severity. Description: Directory traversal vulnerability in Omnispace Agora Project before 25.10 allowing unauthenticated attackers to read files on the system via the misc controller and the ExternalGetFile action. Only files with an extension can be read. Read more at https://www.tenable.com/cve/CVE-2025-67076
CVE-2025-67077
15 January 2026
High Severity. Description: File upload vulnerability in Omnispace Agora Project before 25.10 allowing authenticated, or under certain conditions also guest users, via the UploadTmpFile action. Read more at https://www.tenable.com/cve/CVE-2025-67077
CVE-2025-67078
15 January 2026
Medium Severity. Description: Cross site scripting (XSS) vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors. Read more at https://www.tenable.com/cve/CVE-2025-67078
CVE-2025-61973
15 January 2026
High Severity. Description: A local privilege escalation vulnerability exists during the installation of Epic Games Store via the Microsoft Store. A low-privilege user can replace a DLL file during the installation process, which may result in unintended elevation of privileges. Read more at https://www.tenable.com/cve/CVE-2025-61973
Bugtraq
[REVIVE-SA-2026-001] Revive Adserver Vulnerabilities
15 January 2026
Posted by Matteo Beccati on Jan 14
Revive Adserver Security Advisory REVIVE-SA-2026-001
https://www.revive-adserver.com/security/revive-sa-2026-001
Date: 2026-01-14
Risk Level: High
Applications affected: Revive...
Defense in depth -- the Microsoft way (part 95): the (shared) "Start Menu" is dispensable
11 January 2026
Posted by Stefan Kanthak via Fulldisclosure on Jan 10
Hi @ll, the following is a condensed form of and . Windows Vista moved the shared start menu from "%ALLUSERSPROFILE%\Start Menu\" to "%ProgramData%\Microsoft\Windows\Start Menu\", with some shortcuts (*.lnk) "reflected" from the (immutable) component store below %SystemRoot%\WinSxS\ JFTR:...
Re: Multiple Security Misconfigurations and Customer Enumeration Exposure in Convercent Whistleblowing Platform (EQS Group)
11 January 2026
Posted by Art Manion via Fulldisclosure on Jan 10
Hi, CVE IDs *can* be assigned for SaaS or similarly "cloud only" software. For a period of time, there was a restriction that only the provider could make or request such an assignment. But the current CVE rules remove this restriction: 4.2.3 CNAs MUST NOT consider the […]
RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in RIOT ethos Serial Frame Parser
11 January 2026
Posted by Ron E on Jan 10
A stack-based buffer overflow vulnerability exists in the RIOT OS ethos utility due to missing bounds checking when processing incoming serial frame data. The vulnerability occurs in the _handle_char() function, where incoming frame bytes are appended to a fixed-size stack buffer (serial->frame) without verifying that the current write index […]
RIOT OS 2026.01-devel-317 Stack-Based Buffer Overflow in tapslip6 Utility via Unbounded Device Path Construction
11 January 2026
Posted by Ron E on Jan 10
A stack-based buffer overflow vulnerability exists in the tapslip6 utility distributed with RIOT OS (and derived from the legacy uIP/Contiki networking tools). The vulnerability is caused by unsafe string concatenation in the devopen() function, which constructs a device path using unbounded user-controlled input. Specifically, tapslip6 uses strcpy() and strcat() […]