Aggregator

A vulnerability, which was classified as problematic, was found in OpenSolution Quick.Cms.Lite 0.3. Affected by this issue is some unknown functionality of the file general.php. The manipulation of the argument Cookie results in path traversal. This vulnerability is known as CVE-2006-5834. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability was found in SimpleChat 1.0.0 and classified as critical. This vulnerability affects unknown code of the file chat_panel.php. Such manipulation of the argument msg leads to memory corruption. This vulnerability is uniquely identified as CVE-2006-5837. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability was found in NewP News Publication System 1.0.0. It has been classified as critical. This issue affects some unknown processing in the library lib/class.database.php. Performing a manipulation of the argument path results in file inclusion. This vulnerability was named CVE-2006-5838. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in PHPAdventure 1.1 Alpha. It has been declared as critical. Impacted is an unknown function of the file ad_main.php. Executing a manipulation of the argument _mygamefile can lead to file inclusion. The identification of this vulnerability is CVE-2006-5839. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability identified as problematic has been detected in Unicore Unicore Client up to 5.5. This affects an unknown function. This manipulation causes information disclosure. This vulnerability is tracked as CVE-2006-5842. The attack is restricted to local execution. No exploit exists. You should upgrade the affected component.

A vulnerability labeled as problematic has been found in Speedywiki 2.0. This impacts an unknown function of the file index.php. Such manipulation of the argument showRevisions leads to cross site scripting. This vulnerability is listed as CVE-2006-5843. The attack may be performed from remote. There is no available exploit.

A vulnerability marked as problematic has been reported in Speedywiki 2.0. Affected is an unknown function of the file index.php. Performing a manipulation results in information disclosure. This vulnerability is cataloged as CVE-2006-5844. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability described as critical has been identified in Speedywiki 2.0. Affected by this vulnerability is an unknown functionality of the file index.php of the component File Upload. Executing a manipulation of the argument Upload can lead to unrestricted upload. This vulnerability is registered as CVE-2006-5845. It is possible to launch the attack remotely. No exploit is available.

A vulnerability classified as problematic has been found in FreeWebshop 2.1/2.2.1/2.2.2. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument page leads to path traversal. This vulnerability is documented as CVE-2006-5846. The attack can be initiated remotely. Additionally, an exploit exists. Applying a patch is the recommended action to fix this issue.

A vulnerability has been found in Opendarwin Darwin kernel 8.8.1 and classified as problematic. This affects the function syscall. This manipulation causes denial of service. This vulnerability is handled as CVE-2006-5836. It is possible to launch the attack on the local host. Additionally, an exploit exists. The affected component should be upgraded.

A vulnerability categorized as problematic has been discovered in Rust up to 1.58.0. This vulnerability affects the function std::fs::remove_dir_all. The manipulation results in time-of-check time-of-use. This vulnerability is cataloged as CVE-2022-21658. The attack must be initiated from a local position. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability labeled as critical has been found in Oracle MySQL Server up to 8.0.30. Impacted is an unknown function of the component Optimizer. Such manipulation leads to denial of service. This vulnerability is traded as CVE-2022-21640. The attack may be launched remotely. There is no exploit available.

A vulnerability marked as critical has been reported in Oracle MySQL Server up to 8.0.29. The affected element is an unknown function of the component Optimizer. Performing a manipulation results in denial of service. This vulnerability is known as CVE-2022-21641. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability has been found in Oracle MySQL Server up to 8.0.30 and classified as critical. This impacts an unknown function of the component InnoDB. This manipulation causes denial of service. This vulnerability is tracked as CVE-2022-21637. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability identified as critical has been detected in Oracle MySQL Server up to 8.0.29. This issue affects some unknown processing of the component Optimizer. This manipulation causes denial of service. This vulnerability appears as CVE-2022-21638. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as critical has been found in Oracle PeopleSoft Enterprise PeopleTools 8.59/8.60. Affected by this vulnerability is an unknown functionality of the component Elastic Search Integration. This manipulation causes cross site scripting. This vulnerability is handled as CVE-2022-21639. The attack can be initiated remotely. There is not any exploit available.

2024年6月，苏格兰籍威胁行为体Tyler Robert Buchanan在西班牙被捕，后于2024年11月被美方正式起诉。2025年，美国司法部正式宣布该成员对参与Scattered Spider网络犯罪组织的相关指控认罪。

Cyber risk used to be the kind of problem you could delegate. Something for the CISO, the IT team, and maybe an external auditor to worry about once a year. That comfort zone is gone. In the last decade, a new reality has set in: a single cyber incident can erase hundreds of millions of […]

The post The $700 million question: How cyber risk became a market cap problem first appeared on TrustCloud.

The post The $700 million question: How cyber risk became a market cap problem appeared first on Security Boulevard.

Linus Torvalds 在内核邮件列表上宣布释出 Linux 7.1-rc1。主要变化包括：移除对部分旧硬件的支持，其中包括 i486 和俄罗斯 Baikal CPU，清理部分旧 PCMCIA 驱动；新 NTFS 驱动，支持 12 种新 SoC，新联想 Legion Go 驱动，Intel QAT Zstd 支持，AMD Zen 6 支持，Intel Linear Address Space Separation (LASS)，等等。

Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that incur charges on their mobile bills, generating illicit revenue for the threat actors who lease the phone numbers. According to a new report published by Infoblox, the operation is believed to