Aggregator

大西洋月刊主编被拉入一个讨论轰炸也门计划的 Signal 群聊中

Solidot
1 year ago
大西洋月刊主编 Jeffrey Goldberg 披露,他在 3 月 11 日被美国国家安全顾问 Michael Waltz 拉入到一个讨论轰炸也门计划的 Signal 群聊中,并于 3 月 15 日美国军方展开行动前两小时获悉了轰炸计划细节。该群组被标记为 Houthi PC small group,参与者包括了国防部长 Pete Hegseth、副总统 JD Vance 等特朗普政府官员。美国国家安全委员会证实 Goldberg 披露的信息是真实的,表示正对此展开调查。Goldberg 指出,政府官员使用端对端加密消息应用 Signal 讨论机密计划违反了法律,包括间谍法和联邦信息保存法律。Signal 端对端加密的特性以及阅后即焚等功能意味着在该平台上讨论的信息难以保存。根据报道,Michael Waltz 将 Signal 群组中的部分消息设置为一周后消失,部分设置为四周后消失。根据联邦记录保存法,涉及官方行为的消息是需要保存的记录。

CVE-2024-45484 | B&R Industrial Automation APROL up to 4.4-00P4 Operating System Network Configuration allocation of resources

VulDB Recent Entries
1 year ago
A vulnerability was found in B&R Industrial Automation APROL up to 4.4-00P4. It has been declared as critical. This vulnerability affects unknown code of the component Operating System Network Configuration. The manipulation leads to allocation of resources. This vulnerability was named CVE-2024-45484. The attack needs to be done within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2024-27820 | Apple watchOS Web Contents memory corruption (Nessus ID 209285)

Vuldb Updates
1 year ago
A vulnerability, which was classified as critical, has been found in Apple watchOS. This issue affects some unknown processing of the component Web Contents Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2024-27820. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-23282 | Apple iOS/iPadOS Email improper authorization (Nessus ID 214267)

Vuldb Updates
1 year ago
A vulnerability was found in Apple iOS and iPadOS and classified as critical. Affected by this issue is some unknown functionality of the component Email Handler. The manipulation leads to improper authorization. This vulnerability is handled as CVE-2024-23282. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-58084 | Linux Kernel up to 6.12.13/6.13.2 qcom_scm_get_tzmem_pool initialization (Nessus ID 232241)

Vuldb Updates
1 year ago
A vulnerability was found in Linux Kernel up to 6.12.13/6.13.2. It has been classified as critical. Affected is the function qcom_scm_get_tzmem_pool. The manipulation leads to improper initialization. This vulnerability is traded as CVE-2024-58084. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-27598 | SixLabors ImageSharp up to 2.1.9/3.1.6 GIF Decoder out-of-bounds write (ID 2859)

Vuldb Updates
1 year ago
A vulnerability has been found in SixLabors ImageSharp up to 2.1.9/3.1.6 and classified as critical. Affected by this vulnerability is an unknown functionality of the component GIF Decoder. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2025-27598. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-1261 | devitemsllc HT Mega Plugin up to 2.8.2 on WordPress Countdown Widget cross site scripting

Vuldb Updates
1 year ago
A vulnerability was found in devitemsllc HT Mega Plugin up to 2.8.2 on WordPress. It has been classified as problematic. This affects an unknown part of the component Countdown Widget. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-1261. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad