Aggregator

A vulnerability, which was classified as critical, was found in Ivanti CSA up to 4.6 Patch 518. This affects an unknown part. The manipulation leads to os command injection. This vulnerability is uniquely identified as CVE-2024-8190. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Progress WhatsUp Gold. This issue affects the function HasErrors. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2024-6670. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Захват заложников, нападения и драки - новая реальность для криптоинвесторов.

A vulnerability was found in Aeries Student Information System 3.8.2.8 and classified as critical. Affected by this issue is some unknown functionality of the file comments.asp. The manipulation of the argument Term leads to sql injection. This vulnerability is handled as CVE-2008-0943. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in cvat up to 2.18.x. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-47063. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Authors/Presenters:Yang Zhou, Xingyu Xiang, Matthew Kiley, Sowmya Dharanipragada, Minlan Yu

Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI '24) content, placing the organizations enduring commitment to Open Access front and center. Originating from the conference’s events situated at the Hyatt Regency Santa Clara; and via the organizations YouTube channel.

Permalink

The post USENIX NSDI ’24 – DINT: Fast In-Kernel Distributed Transactions with eBPF appeared first on Security Boulevard.

Cyfirma раскрыла все карты пакистанских хакеров.

A vulnerability classified as very critical has been found in PIX-LINK LV-WR22 RE3002-P1-01_V117.0. This affects an unknown part of the component Telnet Service. The manipulation leads to weak password requirements. This vulnerability is uniquely identified as CVE-2024-46280. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply restrictive firewalling.

A vulnerability was found in MantisBT up to 2.26.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the component POST Request Handler. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-45792. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SourceCodester Online Medicine Ordering System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2024-46293. The attack can be launched remotely. There is no exploit available.