Aggregator

Russian zero-day broker Operation Zero is looking for exploits for the popular messaging app Telegram, offering up to $4 million for them. Operation Zero, a Russian zero-day broker, is offering up to $4 million for Telegram exploits, the news was first reported by Tech Crunch. The Russian firm seeks up to $500K for one-click RCE, […]

A vulnerability was found in Synology Router Manager. It has been rated as critical. Affected by this issue is some unknown functionality of the component AirPrint. The manipulation leads to download of code without integrity check. This vulnerability is handled as CVE-2024-39348. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in HCL DRYiCE AEX 10. This affects an unknown part. The manipulation leads to missing immutable root of trust in hardware. This vulnerability is uniquely identified as CVE-2024-30111. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in gallerycreator Gallery Blocks with Lightbox. Image Gallery Plugin up to 3.2.1 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument galleryID/className leads to cross site scripting. This vulnerability is handled as CVE-2024-5424. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in bdthemes Ultimate Post Kit Addons for Elementor Plugin up to 3.11.7 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation of the argument url leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-5662. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Nikola Vasilijevski AdmirorFrames up to 4.x. It has been rated as problematic. This issue affects some unknown processing of the file afGdStream.php. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-5737. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Concept Intermedia SAM CMS up to 3.3. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-3800. It is possible to launch the attack remotely. There is no exploit available.

本报告深入剖析了身份攻击面，揭示了威胁行为者如何利用身份弱点，以及企业必须采取哪些措施来防御这些弱点。

从未用过微信读书

从未用过微信读书

话说有一天，看到一个不错的项目，想着复现一下，但是发现这个项目需要通过docker部署。

话说有一天，看到一个不错的项目，想着复现一下，但是发现这个项目需要通过docker部署。

话说有一天，看到一个不错的项目，想着复现一下，但是发现这个项目需要通过docker部署。

话说有一天，看到一个不错的项目，想着复现一下，但是发现这个项目需要通过docker部署。

话说有一天，看到一个不错的项目，想着复现一下，但是发现这个项目需要通过docker部署。

话说有一天，看到一个不错的项目，想着复现一下，但是发现这个项目需要通过docker部署。

话说有一天，看到一个不错的项目，想着复现一下，但是发现这个项目需要通过docker部署。

Microsoft Windows - NTLM Hash Leak Malicious Windows Theme

Aztech DSL5005EN Router - 'sysAccess.asp' Admin Password Change (Unauthenticated)