Aggregator
Brazil's Supreme Court says X paid its fine to the wrong bank
1 year 8 months ago
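Brazil's Supreme Court said that lawyers representing X paid the fine to the wrong bank, and it has therefore postponed its decision on whether to restore access to X in Brazil. X, the social platform owned by Elon Musk, filed a new request last Friday to restore service in Brazil, saying the company
Opinion | Building a foundational data system suited to the integration of the digital and real economies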
1 year 8 months ago
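By Jin Xiaohong (靳晓宏), Associate Researcher, Institute of Scientific and Technical Information, Beijing Academy of Science and Technology; and Li Hui (李辉), Researcher, Institute of Scientific and Technical Information, Beijing Academy of Science and Technology. A sound digital-real integration
Expert Commentary | Building consensus on security risk governance to promote the innovative development of artificial intelligence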
1 year 8 months ago
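By Liu Jinrui (刘金瑞), Researcher, Institute of Rule of Law, China Law Society. At present, the rapid development of artificial intelligence technology is having a major and profound
Expert Commentary | Yang Jianjun: Accelerate the construction of a system of network data security regulations and comprehensively improve governance and oversight capabilities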
1 year 8 months ago
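By Yang Jianjun (杨建军), Vice President of the China Electronics Standardization Institute and Secretary-General of the National Cybersecurity Standardization Technical Committee. General Secretary Xi Jinping has stressed the need to uphold governing cyberspace according to law, and according to law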
Grav CMS 1.7.44 Server-Side Template Injection
1 year 8 months ago
© 2024 Packet Storm. All rights reserved.
CVE-2024-42514 | Mitel MiContact Center Business up to 10.1.0.4 Legacy Chat improper authorization
1 year 8 months ago
A vulnerability classified as critical has been found in Mitel MiContact Center Business up to 10.1.0.4. Affected is an unknown function of the component Legacy Chat. The manipulation leads to improper authorization.
This vulnerability is traded as CVE-2024-42514. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-20442 | Cisco Nexus Dashboard up to 3.1(1l) REST API Endpoint authorization (cisco-sa-ndhs-uaapi-Jh4V6zpN)
1 year 8 months ago
A vulnerability was found in Cisco Nexus Dashboard. It has been classified as critical. Affected is an unknown function of the component REST API Endpoint. The manipulation leads to missing authorization.
This vulnerability is traded as CVE-2024-20442. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-41585 | DrayTek Vigor3910 up to 4.3.2.6 recvCmd os command injection
1 year 8 months ago
A vulnerability classified as critical has been found in DrayTek Vigor3910 up to 4.3.2.6. Affected is an unknown function of the file recvCmd. The manipulation leads to os command injection.
This vulnerability is traded as CVE-2024-41585. The attack can only be initiated within the local network. There is no exploit available.
vuldb.com
CVE-2024-41588 | DrayTek Vigor3910 up to 4.3.2.6 CGI Endpoint v2x00.cgi strncpy buffer overflow
1 year 8 months ago
A vulnerability classified as critical was found in DrayTek Vigor3910 up to 4.3.2.6. Affected by this vulnerability is the function strncpy of the file v2x00.cgi of the component CGI Endpoint. The manipulation leads to buffer overflow.
This vulnerability is known as CVE-2024-41588. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-41590 | DrayTek Vigor310 up to 4.3.2.6 CGI Endpoint strcpy buffer overflow
1 year 8 months ago
A vulnerability, which was classified as critical, was found in DrayTek Vigor310 up to 4.3.2.6. This affects the function strcpy of the component CGI Endpoint. The manipulation leads to buffer overflow.
This vulnerability is uniquely identified as CVE-2024-41590. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-46658 | SyroTech SY-GOPON-8OLT-L3 1.6.0_240629 command injection
1 year 8 months ago
A vulnerability was found in SyroTech SY-GOPON-8OLT-L3 1.6.0_240629 and classified as critical. This issue affects some unknown processing. The manipulation leads to command injection.
The identification of this vulnerability is CVE-2024-46658. The attack can only be done within the local network. There is no exploit available.
vuldb.com
CVE-2024-9429 | code-projects Restaurant Reservation System 1.0 /filter2.php from/to sql injection
1 year 8 months ago
A vulnerability has been found in code-projects Restaurant Reservation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /filter2.php. The manipulation of the argument from/to leads to sql injection.
This vulnerability is known as CVE-2024-9429. The attack can be launched remotely. Furthermore, there is an exploit available.
The initial researcher advisory only mentions the parameter "from" to be affected. But it must be assumed that parameter "to" is affected as well.
vuldb.com
CVE-2024-46503 | Simple-Spellchecker 1.0.2 _readFileSync path traversal
1 year 8 months ago
A vulnerability, which was classified as problematic, was found in Simple-Spellchecker 1.0.2. This affects the function _readFileSync. The manipulation leads to path traversal.
This vulnerability is uniquely identified as CVE-2024-46503. The attack can only be initiated within the local network. There is no exploit available.
vuldb.com
Ruby-SAML / GitLab Authentication Bypass
1 year 8 months ago
ADT discloses second breach in 2 months, hacked via stolen credentials
1 year 8 months ago
Home and small business security company ADT disclosed it suffered a breach after threat actors gained access to its systems using stolen credentials and exfiltrated employee account data. [...]
Lawrence Abrams
Kyiv’s hackers launched an unprecedented cyber attack on Russian state media VGTRK on Putin’s birthday
1 year 8 months ago
iTunes For Windows 12.13.2.3 Local Privilege Escalation
1 year 8 months ago
44CON - Charging Ahead: Exploiting an EV Charger Controller at Pwn2Own Automotive 2024
1 year 8 months ago
LEGO's website hacked to push cryptocurrency scam
1 year 8 months ago
On Friday night, cryptocurrency scammers briefly hacked the LEGO website to promote a fake Lego token that could be purchased with Ethereum. [...]
Lawrence Abrams