Aggregator

A vulnerability, which was classified as problematic, was found in Swannsecurity DVR4-SecuraNet. This affects an unknown part of the file vy_netman.cfg. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2009-0640. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

引言主要更新内容ATT&CK继续延续每年更新两个大版本的状态，今年迎来的ATT&CK 的第16个版本。笔者跟踪了这一年的ATT&CK的进展以及刚结束的ATT&CKcon 5.0中各个内容。提炼了主要的

A vulnerability was found in Sun JDK 1.6.0. It has been classified as very critical. This affects an unknown part of the component Deployment. The manipulation leads to Remote Code Execution. This vulnerability is uniquely identified as CVE-2010-0886. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

新发现漏洞的数量出现了前所未有的增长态势，其中高危或严重级别的漏洞占比高达一半，漏洞利用的时间线显著缩短。

在信息技术飞速发展的当下，网络安全已然成为全球瞩目的焦点。安全极客社区精心译制的《2024 年漏洞与威胁趋势报告》明确指出，2023 年堪称网络安全领域的重要分水岭。这一年，新发现漏洞的数量出现了前所

A vulnerability, which was classified as problematic, has been found in NICMx Fort 1.6.3/1.6.4. Affected by this issue is some unknown functionality of the component Manifest RPKI Object Handler. The manipulation leads to integer underflow. This vulnerability is handled as CVE-2024-56375. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as very critical, has been found in Sun JRE and JDK 1.5.0. Affected by this issue is the function HsbParser.getSoundBank of the component Parser. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2009-3867. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Matrix 首页推荐 Matrix 是少数派的写作社区，我们主张分享真实的产品体验，有实用价值的经验与思考。我们会不定期挑选 Matrix 最优质的文章，展示来自用户的最真实的体验和观点。 文章代表

A vulnerability was found in ASUSTek Aura Ready Game SDK Service 1.0.0.4. It has been classified as critical. This affects an unknown part of the file GameSDK.exe. The manipulation leads to unquoted search path. This vulnerability is uniquely identified as CVE-2022-35899. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

自 2023 年 10 月以来，以色列和哈马斯之间爆发的冲突助长了中东国家之间的网络攻击，并在全球范围内将多个国家卷入其中。

主站 分类 漏洞 工具 极客

A vulnerability was found in Microsoft Excel 2010 SP2/2013 RT SP1/2013 SP1/2016. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2017-0020. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.