Aggregator
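News in brief • The National Financial Regulatory Administration issues the "Notice on Strengthening the Management of Mobile Internet Applications in the Banking and Insurance Industries" • The 9th "Maker in China" cyber […]
Event preview | Forum on the Theory, Technology and Practice of Cyberspace Geography to be held soon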
5 months ago
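Today, as global digital transformation accelerates, cyberspace has become a new battlefield for national security and social stability. To respond more effectively to increasingly complex cybersecurity challenges, […]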
aqniu
CVE-2016-8101 | Intel SSD Toolbox up to 3.3.6 Updater Subsystem access control (ID 370171 / BID-93482)
5 months ago
A vulnerability, which was classified as critical, has been found in Intel SSD Toolbox up to 3.3.6. Affected by this issue is some unknown functionality of the component Updater Subsystem. The manipulation leads to improper access controls.
This vulnerability is handled as CVE-2016-8101. Local access is required to carry out this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution
5 months ago
Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way for remote code execution.
The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), has been described as a heap-overflow vulnerability in the DCE/RPC protocol.
"A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a
The Hacker News
Temu denies breach after hacker claims theft of 87 million data records
5 months ago
CrowdSec: Open-source security solution offering crowdsourced protection
5 months ago
CrowdSec is an open-source solution that offers crowdsourced protection against malicious IPs.
CrowdSec features
For this project, the developers have two objectives: Provide free top-quality intrusion detection and protection software. There’s community participation in creating new detection rules as new vulnerabilities are uncovered. Share and validate the attackers’ IPs with the network participants to render hackers’ resources useless as soon as possible. A consensus system gives a real-time actionable blocklist with no false positives. “CrowdSec …
The post CrowdSec: Open-source security solution offering crowdsourced protection appeared first on Help Net Security.
Mirko Zorz
JVN: Multiple vulnerabilities in digital video recorders made by Takenaka Engineering
5 months ago
Digital video recorder products provided by Takenaka Engineering Co., Ltd. contain multiple vulnerabilities.
Bringing Secure Coding Concepts to Developers - Dustin Lehr - ASW #299
5 months ago
Sep 17, 2024 When a conference positioned as a day of security for developers has to be canceled due
CVE-1999-0746 | SuSE Linux up to 6.2 in.identd denial of service (EDB-19463 / Nessus ID 10560)
5 months ago
A vulnerability was found in SuSE Linux up to 6.2. It has been rated as problematic. This issue affects some unknown processing of the file in.identd. The manipulation leads to denial of service.
The identification of this vulnerability is CVE-1999-0746. The attack may be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Mastering Containerization: Key Strategies and Best Practices
5 months ago
Russia targets Harris campaign with wave of fake videos
5 months ago
Russia has fully pivoted its disinformation efforts to focus on Vice President Kamala Harris, relea
CVE-2015-1479 | Zoho ManageEngine ServiceDesk Plus 9.0 Build 9031 site sql injection (ID 130079 / EDB-35890)
5 months ago
A vulnerability has been found in Zoho ManageEngine ServiceDesk Plus 9.0 Build 9031 and classified as critical. This vulnerability affects unknown code. The manipulation of the argument site leads to sql injection.
This vulnerability was named CVE-2015-1479. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2013-7247 | Franklinfueling Ts-550 Evo up to 2.0.0.6832 Firmware access control (EDB-31180)
5 months ago
A vulnerability, which was classified as problematic, has been found in Franklinfueling Ts-550 Evo up to 2.0.0.6832. Affected by this issue is some unknown functionality of the component Firmware. The manipulation leads to improper access controls.
This vulnerability is handled as CVE-2013-7247. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Discord launches end-to-end encrypted voice and video chats
5 months ago
Discord, one of the largest group chat apps in the world, announced on Tuesday that audio and video
FortiGate SSLVPN heap overflow vulnerability: analysis and exploitation
5 months ago
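A logic flaw in the handling of the env parameter leads to a heap overflow write; exploiting the vulnerability can lead to arbitrary code execution.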
CVE-2007-2901 | Dokeos 1.8.0 ImageManager/editor.php img cross site scripting (EDB-3974 / XFDB-34733)
5 months ago
A vulnerability classified as problematic has been found in Dokeos 1.8.0. Affected is an unknown function in the library main/inc/lib/fckeditor/editor/plugins/imagemanager/editor.php of the file ImageManager/editor.php. The manipulation of the argument img leads to basic cross site scripting.
This vulnerability is traded as CVE-2007-2901. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
Security news review | "AI Safety Governance Framework" released; cybersecurity giant Fortinet confirms data breach
5 months ago
Previous issues:
胡金鱼
Broadcom fixes critical RCE bug in VMware vCenter Server
5 months ago
CVE-2007-2900 | Scallywag 2005-04-25 template.php path code injection (EDB-3972 / XFDB-34469)
5 months ago
A vulnerability was found in Scallywag 2005-04-25. It has been rated as critical. This issue affects some unknown processing of the file template.php. The manipulation of the argument path leads to code injection.
The identification of this vulnerability is CVE-2007-2900. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Construction firms breached in brute force attacks on accounting software
5 months ago