Aggregator

CVE-2024-38063：IPv6远程代码执行漏洞分析 by 洞源实验室

更多最新文章，请访问SecWiki

Explore the technical realities of passwordless authentication in this comprehensive analysis. We debunk common myths, examine security implications, and provide evidence-based insights into how this technology transforms digital security while enhancing user experience.

The post Busting Common Passwordless Authentication Myths: A Technical Analysis appeared first on Security Boulevard.

A new phishing campaign dubbed 'CRON#TRAP' infects Windows with a Linux virtual machine that contains a built-in backdoor to give stealthy access to corporate networks. [...]

A research tool by the company found a vulnerability in the SQLite open source database, demonstrating the "defensive potential" for using LLMs to find vulnerabilities in applications before they're publicly released.

A US district court sentenced a Nigerian man for an elaborate ‘man-in-the-middle’ phishing campaign, which resulted in $12m in losses from real-estate transactions

For the latest discoveries in cyber research for the week of 4th November, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Free, the second-largest telecom company in France, has been hit by a cyberattack resulting in unauthorized access to personal data associated with certain subscriber accounts. The incident surfaced following an attempted sale […]

The post 4th November – Threat Intelligence Report appeared first on Check Point Research.

Instagram ужесточает политику безопасности для младших пользователей.

A vulnerability was found in Apple iOS up to 9.3.1. It has been rated as critical. This issue affects some unknown processing of the component Disk Images. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2016-1808. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

Слабая защита поставила под угрозу целое поколение.

A vulnerability was found in SearchBlox up to 8.1. It has been classified as problematic. Affected is an unknown function of the file _cluster/health. The manipulation of the argument pretty=true leads to information disclosure. This vulnerability is traded as CVE-2015-0969. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Eduforge emergecolab 1.0. Affected is an unknown function. The manipulation of the argument sitecode leads to path traversal. This vulnerability is traded as CVE-2008-5990. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Jetik Jetik Emlak Sistem A 2.0. Affected by this issue is some unknown functionality of the file diger.php. The manipulation of the argument KayitNo leads to sql injection. This vulnerability is handled as CVE-2008-5992. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Aj Square AJ Auction 2.0 and classified as critical. This vulnerability affects unknown code of the file detail.php. The manipulation of the argument item_id leads to sql injection. This vulnerability was named CVE-2008-6414. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Greatclone Hotscripts Clone and classified as critical. Affected by this vulnerability is an unknown functionality of the file showcategory.php. The manipulation of the argument cid leads to sql injection. This vulnerability is known as CVE-2008-6405. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Brian Wilson ol bookmarks manager 0.7.5. It has been classified as critical. This affects an unknown part of the file frame.php. The manipulation of the argument framefile leads to path traversal. This vulnerability is uniquely identified as CVE-2008-6407. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Brian Wilson ol bookmarks manager 0.7.5. It has been declared as critical. This vulnerability affects unknown code of the file frame.php. The manipulation of the argument framefile leads to code injection. This vulnerability was named CVE-2008-6408. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Brian Wilson ol bookmarks manager 0.7.5. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument id leads to sql injection. The identification of this vulnerability is CVE-2008-6409. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Brian Wilson ol bookmarks manager up to 0.7.5. Affected is an unknown function of the file show.php. The manipulation of the argument show leads to path traversal. This vulnerability is traded as CVE-2008-6410. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.