Aggregator

A vulnerability has been found in Directus up to 11.2.x and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to information disclosure. This vulnerability is known as CVE-2024-54151. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in SAP Commerce Cloud COM_CLOUD 2211/HY_COM 2205. Affected is an unknown function of the component Webservice API Endpoint. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is traded as CVE-2024-47577. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in Drupal up to 7.101/10.2.10/10.3.8. This issue affects some unknown processing. The manipulation leads to dynamically-determined object attributes. The identification of this vulnerability is CVE-2024-55638. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Drupal up to 10.2.10/10.3.8/11.0.7. This vulnerability affects unknown code. The manipulation leads to dynamically-determined object attributes. This vulnerability was named CVE-2024-55637. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Drupal up to 10.2.10/10.3.8/11.0.7. This affects an unknown part. The manipulation leads to dynamically-determined object attributes. This vulnerability is uniquely identified as CVE-2024-55636. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Gamaredon, a persistent threat actor since 2013, targets the government, defense, diplomacy, and media sectors of their victims, primarily through cyberattacks, to gain sensitive information and disrupt operations. It continues to employ sophisticated tactics, leveraging malicious LNK and XHTML files alongside intricate phishing schemes to carry out cyberattacks. Phishing emails with four distinct attack payloads […]

The post APT-C-53 Weaponizing LNK Files To Deploy Malware Into Target Systems appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in SAP NetWeaver Application Server for ABAP and ABAP Platform 740/750. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to missing authorization. This vulnerability is handled as CVE-2024-47585. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

Omada Identity Cross Site Scripting

A vulnerability was found in Winter CMS up to 1.0.475/1.1.10/1.2.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to incomplete blacklist. This vulnerability is known as CVE-2024-54149. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SAP NetWeaver Application Server ABAP up to KRNL64UC 7.22. It has been classified as critical. Affected is an unknown function of the component RFC Request Handler. The manipulation leads to improper control of dynamically-identified variables. This vulnerability is traded as CVE-2024-54198. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

Powered By DEV INFOTECH - Sql Injection

Powered By DEV INFOTECH - Blind Sql Injection Vulnerability

Kurita America Inc. (KAI), the North American subsidiary of Tokyo-based Kurita Water Industries Ltd., has confirmed it was the victim of a ransomware attack that compromised multiple servers and potentially leaked sensitive data. The attack was detected on Friday, November 29, 2024, and has raised concerns worldwide among customers and business partners. Incident Overview KAI’s security […]

The post U.S. Subsidiary of a Japanese water Treatment Company Hit By Ransomware Attack appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Жесткие ограничения стали ответом на кризис.

US subsidiaries of Japanese water treatment company, green tea maker hit with ransomware

A vulnerability was found in DALnet IRCd 4.6.5. It has been classified as very critical. Affected is an unknown function of the component SUMMON Command Handler. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2000-0586. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

SDL 31/100问：有没有好用的SDL平台？

都说机器人进厂是未来，这家已经在工业场景落地的机器人公司，这样看具身智能。

Exploring the Relationship Between Flexible Price Equilibrium and ZINSS in Economic Models

From Automotive Exploits and Bootloader Bugs to Cybercrime and 'LLMbotomy' Trojans
Black Hat Europe returns to London with more than 45 keynotes and briefings tackling everything from bootloader bugs and flaws in artificial intelligence and large language model tools, to disrupting fake online brokerages and remotely hacking Volkswagen entertainment systems to track vehicles.