Aggregator
CVE-2006-5621 | Ask Rave up to 0.8 end.php footfile code injection (EDB-2654 / XFDB-29825)
8 months 1 week ago
A vulnerability has been found in Ask Rave up to 0.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file end.php. The manipulation of the argument footfile leads to code injection.
This vulnerability is known as CVE-2006-5621. The attack can be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
F-35’s voor NAVO-luchtruimbewaking naar Polen
8 months 1 week ago
Het door NAVO-landen aan Oekraïne geschonken militaire materieel moet veilig de plek van bestemming bereiken. Voor dat doel bewaken Nederlandse F-35-gevechtsvliegtuigen vanaf 1 september tot en met 1 december het NAVO-luchtruim boven Oost-Europa.
俄罗斯利用网络代理人保持网络空间战略优势和强国地位
8 months 1 week ago
德国公司研究揭示俄罗斯利用网络外包模式增强网络能力
央行供应商遭黑,多家金融机构超13亿元准备金被盗
8 months 1 week ago
6家金融机构的央行准备金账户遭到未授权访问
央行供应商遭黑,多家金融机构超13亿元准备金被盗
8 months 1 week ago
当前环境出现异常问题,需完成验证后才能继续访问相关内容或服务。
俄罗斯利用网络代理人保持网络空间战略优势和强国地位
8 months 1 week ago
由于环境异常,请完成验证以继续访问。
通知 | 第九届工业信息安全技能大赛密码应用安全锦标赛报名通知
8 months 1 week ago
为实现“以赛促学、以赛促评、以赛促改、以赛促管”和“普及密码知识、发现密码人才、壮大密码产业”的目标,提升密码从业人员综合实战能力和专业水平,推动院校密码专业课程创新,加快推动业务能力扎实、实战能力强的密码人才储备。
关注 | 《移动互联网应用服务用户权益保护合规管理指南》发布,引导行业提升合规意识和服务水平
8 months 1 week ago
为引导互联网企业提升经营服务合规意识和服务水平,切实保障用户合法权益,7月3日,工业和信息化部组织中国互联网协会和中国信息通信研究院在京发布《移动互联网应用服务用户权益保护合规管理指南》。
重点防范!新一批境外恶意网址和恶意IP发布
8 months 1 week ago
中国国家网络与信息安全信息通报中心通过支撑单位发现一批境外恶意网址和恶意IP,境外黑客组织利用这些网址和IP持续对中国和其他国家发起网络攻击。
专题·人工智能安全 | 人工智能大模型的安全治理困境与未来展望
8 months 1 week ago
自DeepSeek发布以来引发业界广泛关注并获得高度评价,在同等参数规模下,该系统的推理能力已达到GTP-4的数倍水平。
通知 | 第九届工业信息安全技能大赛密码应用安全锦标赛报名通知
8 months 1 week ago
当前环境出现异常状态,需完成验证后才能继续访问。
关注 | 《移动互联网应用服务用户权益保护合规管理指南》发布,引导行业提升合规意识和服务水平
8 months 1 week ago
当前环境出现异常,请完成验证以继续访问。
重点防范!新一批境外恶意网址和恶意IP发布
8 months 1 week ago
当前环境出现异常,需完成验证后方可继续访问。
专题·人工智能安全 | 人工智能大模型的安全治理困境与未来展望
8 months 1 week ago
当前环境出现异常问题,需完成验证后方可继续访问系统.
Qantas Contacted by Potential Cybercriminal Following Data Breach
8 months 1 week ago
Qantas said it is currently validating the contact, and has informed law enforcement
CVE-2006-0524 | PHP Ashnews file inclusion (EDB-27149 / Nessus ID 11799)
8 months 1 week ago
A vulnerability classified as problematic has been found in PHP Ashnews. This affects an unknown part. The manipulation leads to file inclusion.
This vulnerability is uniquely identified as CVE-2006-0524. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
8 New Malicious Firefox Extensions Steal OAuth Tokens, Passwords and Spy on Users
8 months 1 week ago
Security researchers from the Socket Threat Research Team have uncovered a sophisticated network of eight malicious Firefox browser extensions that actively steal OAuth tokens, passwords, and spy on users through deceptive tactics. The discovery reveals a coordinated campaign that exploits popular gaming titles and utility applications to compromise user security across the Firefox ecosystem. Major […]
The post 8 New Malicious Firefox Extensions Steal OAuth Tokens, Passwords and Spy on Users appeared first on Cyber Security News.
Guru Baran
上周关注度较高的产品安全漏洞(20250630-20250706)
8 months 1 week ago
上周关注度较高的产品安全漏洞(20250630-20250706)
CNVD漏洞周报2025年第25期
8 months 1 week ago
国家信息安全漏洞共享平台(以下简称CNVD)本周共收集、整理信息安全漏洞695个,其中高危漏洞345个、中危漏洞306个、低危漏洞44个。