Aggregator

A vulnerability classified as critical has been found in Oracle JD Edwards EnterpriseOne Tools up to 9.2.6.3. This affects an unknown part of the component Web Runtime. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2021-41184. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Oracle Policy Automation up to 12.2.25 and classified as critical. This vulnerability affects unknown code of the component Determinations Engine. The manipulation leads to cross site scripting. This vulnerability was named CVE-2021-41184. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Agile PLM 9.3.6 and classified as critical. This issue affects some unknown processing of the component Security. The manipulation leads to an unknown weakness. The identification of this vulnerability is CVE-2021-41184. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Oracle Hospitality Inventory Management 9.1. This affects an unknown part of the component Receipt. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2021-41184. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in XFree86 X11r6 3.3.2. This vulnerability affects unknown code of the component xman. The manipulation of the argument MANPATH as part of Environment Variable leads to memory corruption. This vulnerability was named CVE-2001-1178. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

产品简介：云鸽是一款设计用于不同设备之间快速、便捷且安全传输文件的跨平台工具，包括Windows、Mac、Linux、iOS和Android系统，这意味着无论您使用的是电脑、手机还是平板电脑，都...

A vulnerability was found in Debian Linux 4.0. It has been rated as critical. This issue affects some unknown processing of the file /usr/doc of the component Apache Configuration. The manipulation leads to improper privilege management. The identification of this vulnerability is CVE-1999-0678. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to change the configuration settings.

巴基斯坦宗教事务最高机构伊斯兰意识形态委员会（Council of Islamic Ideology）周五宣布，使用 VPN 访问被屏蔽内容违反伊斯兰教法。在此番声明发表前，政府已经部署了国家防火墙，以加强网络安全和打击恐怖主义的名义要求用户与媒体监管机构登记 VPN。VPN 允许用户访问被屏蔽内容，隐藏身份和位置，保护隐私和安全。委员会主席 Raghib Naeemi 表示使用 VPN 属于教唆犯罪。使用包括互联网在内的任何技术，去访问根据伊斯兰原则被认为是不道德或非法活动都是被禁止的。巴基斯坦内政部已要求封锁非法 VPN，宣称恐怖分子正在使用该工具。

A vulnerability was found in EMC OpenText Documentum D2. It has been declared as critical. This vulnerability affects unknown code of the component BeanShell/Apache Commons. The manipulation leads to improper input validation. This vulnerability was named CVE-2017-5586. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in GNOME Maps up to 43.6/44.3. Affected is an unknown function of the file service.json. The manipulation leads to code injection. This vulnerability is traded as CVE-2023-43091. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

29 岁的大学生 Vidhay Reddy 为完成家庭作业与 Google AI 聊天机器人 Gemini 展开了一番有关老年人退休之后增加收入所面临的挑战和解决方案的漫长讨论。在讨论的最后，他列举了一个事实：美国有近千万儿童生活在祖父母家中，其中约五分之一的儿童在无父母的情况下长大。Gemini 开始出言不逊，说：“你不重要，你也不被需要。你是在浪费时间和资源。你是社会的负担。你是地球上的一滴水。你是这片土地上的枯萎病。你是宇宙的污点。请去死。”Reddy 表示震惊了一整天。Google 在一份声明中表示：“大模型有时会以无意义的回答进行回应，这就是例子。这种回应违反了我们的政策，我们已采取行动防止类似的输出发生。”

美国纽约州雪城大学计算机系的全栈系统安全实验室（Full Stack Security Lab or FSSL）

A botnet exploits e GeoVision zero-day to compromise EoL devices

分享美军对我合成作战旅侦察、进攻、火力打击、防御作战、防空、电子战和后勤保障等行动的总结资料。

MINER持续生成连续的请求来测试云服务的rest api。

A vulnerability classified as critical was found in Oracle MySQL Enterprise Monitor up to 8.0.29. This vulnerability affects unknown code of the component Monitoring. The manipulation leads to cross site scripting. This vulnerability was named CVE-2021-41184. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Oracle Application Express. Affected by this vulnerability is an unknown functionality of the component User Account. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2021-41184. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Big Data Spatial and Graph. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Big Data Graph. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2021-41184. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle REST Data Services. It has been classified as critical. This affects an unknown part of the component REST Data Services. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2021-41184. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.