Aggregator

A vulnerability was found in Linux Kernel up to 5.3.6. It has been classified as critical. This affects the function rtl_p2p_noa_ie of the file drivers/net/wireless/realtek/rtlwifi/ps.c. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2019-17666. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability has been found in Linux Kernel up to 5.0.10 and classified as critical. Affected by this vulnerability is the function tcp_ack_update_rtt of the file net/ipv4/sysctl_net_ipv4.c. The manipulation leads to integer overflow. This vulnerability is known as CVE-2019-18805. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.0.0 and classified as problematic. This vulnerability affects the function register_queue_kobjects of the file net/core/net-sysfs.c. The manipulation leads to memory corruption. This vulnerability was named CVE-2019-15916. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.2.14 on PowerPC. This issue affects some unknown processing of the file arch/powerpc/kernel/process.c of the component Hardware Transaction Handler. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2019-15030. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.0.14. Affected by this issue is the function do_hidp_sock_ioctl of the file net/bluetooth/hidp/sock.c. The manipulation leads to command injection. This vulnerability is handled as CVE-2019-11884. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 3.x/4.20 and classified as problematic. This vulnerability affects unknown code of the component NFS. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2018-16871. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Docker Engine and moby. It has been classified as very critical. Affected is an unknown function of the component AuthZ. The manipulation leads to partial string comparison. This vulnerability is traded as CVE-2024-41110. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

日本科技公司卡西欧证实本月初遭到勒索软件攻击，员工、求职者、合作伙伴和部分客户的数据被盗，客户支付相关的信息未受影响，但随着调查的进一步深入，受影响的范围可能会扩大。勒索软件组织 Underground 此前宣布对此次攻击负责。卡西欧公布了被认为已经被盗的信息：公司及其子公司正式员工、临时个和合同工的个人数据；业务合作伙伴的个人细节；参加面试的求职者个人数据；客户的个人信息；业务合同信息；财务数据；法务、财务、人力、审计、销售等相关的文件。

10月10日，第39次全国计算机安全学术交流会在陕西省西安市举办。此次会议以“人工智能助力构建网络安全新格局” […]

A vulnerability, which was classified as critical, was found in HAProxy up to 2.9.10/3.0.4/3.1-dev6. Affected is an unknown function of the component QUIC. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-49214. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in netease-youdao QAnything up to 1.4.1. This issue affects the function get_knowledge_base_name/from_status_to_status/delete_files/get_file_by_status. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2024-7099. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical was found in Hgiga OAKlouds. This vulnerability affects unknown code of the component Incomplete Fix CVE-2024-26261. The manipulation leads to absolute path traversal. This vulnerability was named CVE-2024-9924. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Teamplus Technology Team+ 13.5.x. This affects an unknown part of the component System Files Handler. The manipulation leads to relative path traversal. This vulnerability is uniquely identified as CVE-2024-9922. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Teamplus Technology Team+ 13.5.x. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation of the argument page leads to sql injection. This vulnerability is handled as CVE-2024-9921. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Teamplus Technology Team+ 13.5.x. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to relative path traversal. This vulnerability is known as CVE-2024-9923. The attack can be launched remotely. There is no exploit available.

图库 Imgur 宣布不再将成人幽默模因（meme）归类为成人内容，只有真正的色情内容才会打上成人内容的标签。Imgur 是在收集了内容审核方面的反馈之后做出了这一决定，它的成人内容政策此前被认为在应用上不一致、过于主观，整体上混乱，以后成人标签内容将由只包含真正的色情内容。调整之后它大幅减少了内容警告，也大幅减少了成人内容标签。成人内容默认不向用户展示，用户需要主动选择加入。

A vulnerability classified as problematic has been found in Aida-orga Aida-Web. Affected is an unknown function of the file frame.html. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2007-6056. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

If someone told you five years ago that you could pose questions to an AI agent about the most vexing issues in science and it could answer back swiftly and meaningfully, you would’ve thought they were joking. But AI has ushered in this reality. The same holds true for quantum computing. For those that need a refresher on quantum computing, it’s considered ground-breaking technology: a super computer that uses the principles of quantum mechanics to … More →

The post The quantum dilemma: Game-changer or game-ender appeared first on Help Net Security.