Aggregator

複数のマイクロソフト製品には、脆弱性があります。同社は、今回修正された一部の脆弱性を悪用する攻撃をすでに確認しているとのことです。この問題は、Microsoft Updateなどを用いて、更新プログラムを適用することで解決します。詳細は、開発者が提供する情報を参照してください。

近日，国内网络安全行业权威机构等级保护测评正式公布2024年网络安全优秀评选获奖名录，威努特一举斩获该评选设立的全部三项大奖：威努特以优异的综合实力和市场竞争力被评为“优秀十强企业”；威努特数据数据备

优秀十强企业、十大优秀产品、十大优秀案例！

基本概念JSON Web Token (JWT)是一个开放标准 ( RFC 7519)，它定义了一种紧凑且自包含的方式，用于在各方之间以JSON对象的形式安全传输信息。此信息可以验证和信任，因为它是数

Name: KnightCTF 2025 (an KnightCTF event.)
Date: Jan. 20, 2025, 3 p.m. — 21 Jan. 2025, 15:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://2025.knightctf.com/
Rating weight: 18.78
Event organizers: Knight Squad

This article explains the invisible prompt injection, including how it works, an attack scenario, and how users can protect themselves.

Discover whether your team truly needs a threat intelligence feed with our unbiased white paper. This practical guide helps cybersecurity professionals assess their needs, identify gaps, and confidently evaluate options for a tailored, effective cyber defense strategy.

The foundation of a successful partnership is a shared commitment to mutual growth – this is somethi

你可能错过的新鲜事快手宣布全链路支持杜比视界视频1 月 21 日，快手通过官方微信公众号宣布成为全球首家全链路支持杜比视界的短视频平台，快手建议用户将快手 App 升级到 12.11.30 以上版

A vulnerability was found in Linux Kernel up to 5.14.14. It has been rated as problematic. Affected by this issue is the function peak_pci_remove. The manipulation leads to use after free. This vulnerability is handled as CVE-2021-47456. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Facebook Hermes. This affects an unknown part of the component Bytecode Generation. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2023-30470. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Facebook Hermes and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Bytecode Optimization. The manipulation leads to use after free. This vulnerability is known as CVE-2023-28081. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in netconsd up to 0.1. This affects the function parse_packet. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2023-28753. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Foxit PDF Reader and PDF Editor 11.0.1/11.1/11.2.1/11.2.2/12.0.1 on Windows. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to Local Privilege Escalation. The identification of this vulnerability is CVE-2023-33240. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in customexporter up to 1.7.20 on Prestashop and classified as critical. This vulnerability affects unknown code of the file modules/customexporter/downloads/download.php. The manipulation leads to improper access controls. This vulnerability was named CVE-2023-30199. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Fastweb FASTGate MediaAccess FGA2130FWB and FASTGate MediaAccess DGA4131FWB and classified as critical. This issue affects some unknown processing of the component HTTP Request Handler. The manipulation leads to heap-based buffer overflow. The identification of this vulnerability is CVE-2022-30114. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Cloud Foundry CAPI, Loggregator-agent and CF Deployment. It has been classified as critical. Affected is an unknown function. The manipulation leads to improper certificate validation. This vulnerability is traded as CVE-2023-20881. The attack can only be initiated within the local network. There is no exploit available.

HTML Cheat Sheet

A vulnerability, which was classified as critical, has been found in Drweb Web Security Space 6.0.0.03100. Affected by this issue is some unknown functionality of the component Malware Detection. The manipulation of the argument Product leads to race condition. This vulnerability is handled as CVE-2010-5159. It is possible to launch the attack on the local host. There is no exploit available. The real existence of this vulnerability is still doubted at the moment.