Aggregator
不谈音质,水月雨的「跨界」手机有多新鲜?
1 week ago
Matrix 首页推荐 Matrix 是少数派的写作社区,我们主张分享真实的产品体验,有实用价值的经验与思考。我们会不定期挑选 Matrix 最优质的文章,展示来自用户的最真实的体验和观点。文章代
CVE-2024-52725 | SEMCMS 4.8 SEMCMS_SeoAndTag.php ldgid sql injection
1 week ago
A vulnerability classified as critical has been found in SEMCMS 4.8. Affected is an unknown function of the file SEMCMS_SeoAndTag.php. The manipulation of the argument ldgid leads to sql injection.
This vulnerability is traded as CVE-2024-52725. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-52770 | DedeBIZ 6.3.0 File file_manage_control unrestricted upload
1 week ago
A vulnerability was found in DedeBIZ 6.3.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/file_manage_control of the component File Handler. The manipulation leads to unrestricted upload.
The identification of this vulnerability is CVE-2024-52770. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-51162 | audimexEE up to 15.1.20 Privilege Escalation
1 week ago
A vulnerability was found in audimexEE up to 15.1.20. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to Privilege Escalation.
This vulnerability was named CVE-2024-51162. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2018-9468 | Google Android 7/8/8.1/9 DownloadManager.java query information disclosure
1 week ago
A vulnerability was found in Google Android 7/8/8.1/9. It has been classified as problematic. This affects the function query of the file DownloadManager.java. The manipulation leads to information disclosure.
This vulnerability is uniquely identified as CVE-2018-9468. It is possible to launch the attack on the local host. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-52771 | DedeBIZ 6.3.0 /admin/file_manage_view denial of service
1 week ago
A vulnerability was found in DedeBIZ 6.3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/file_manage_view. The manipulation leads to denial of service.
This vulnerability is handled as CVE-2024-52771. The attack needs to be initiated within the local network. There is no exploit available.
vuldb.com
CVE-2024-52796 | pglombardo PasswordPusher up to 1.48.x allocation of resources
1 week ago
A vulnerability has been found in pglombardo PasswordPusher up to 1.48.x and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to allocation of resources.
This vulnerability is known as CVE-2024-52796. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-52769 | DedeBIZ 6.3.0 File /admin/friendlink_edit unrestricted upload
1 week ago
A vulnerability, which was classified as critical, has been found in DedeBIZ 6.3.0. This issue affects some unknown processing of the file /admin/friendlink_edit of the component File Handler. The manipulation leads to unrestricted upload.
The identification of this vulnerability is CVE-2024-52769. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2018-9469 | Google Android 8/8.1/9 ShortcutService.java permission
1 week ago
A vulnerability, which was classified as critical, was found in Google Android 8/8.1/9. Affected is an unknown function of the file ShortcutService.java. The manipulation leads to permission issues.
This vulnerability is traded as CVE-2018-9469. An attack has to be approached locally. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-51163 | Vegam Solutions Vegam 4i up to 6.3.47.0 Print Labelling information disclosure
1 week ago
A vulnerability classified as problematic was found in Vegam Solutions Vegam 4i up to 6.3.47.0. This vulnerability affects unknown code of the component Print Labelling. The manipulation leads to information disclosure.
This vulnerability was named CVE-2024-51163. The attack can be initiated remotely. There is no exploit available.
vuldb.com
Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package
1 week ago
Multiple decade-old security vulnerabilities have been disclosed in the needrestart package install
Una grave data breach ha colpito le aziende statunitensi di telecomunicazioni
1 week ago
Five Privilege Escalation Flaws Found in Ubuntu needrestart
1 week ago
Five LPE flaws in Ubuntu’s needrestart utility enable attackers to gain root access in versions prior to 3.8
Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”
1 week ago
Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to an Iranian threat actor commonly referred to as MuddyWater or TA450. The […]
gallagherseanm
A Threat Actor is Allegedly Selling Data of Etudes Environnement
1 week ago
A Threat Actor is Allegedly Selling Data of Etudes Environnement
Dark Web Informer
甲骨文云助手网页版
1 week ago
一个基于 Oracle OCI SDK 开发的WEB端可视化甲骨文云助手,目前实现的功能有:支持批量添加多个租户配置、查询租户实例信息、根据多个CI
Microsoft Veeps Ignite Fire Under CrowdStrike
1 week ago
BSODs begone! Redmond business leaders line up to say what’s new in Windows security.
The post Microsoft Veeps Ignite Fire Under CrowdStrike appeared first on Security Boulevard.
Richi Jennings
Anonymous Guys Targeted the Website of Kent
1 week ago
Anonymous Guys Targeted the Website of Kent
Dark Web Informer
Leveling Up Fuzzing: Finding more vulnerabilities with AI
1 week ago
Kimberly Samra