Aggregator
Qilin
3 months 3 weeks ago
cohenido
Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw
3 months 3 weeks ago
Mandiant warned that Chinese espionage actor UNC5221 is actively exploiting a critical Ivanti vulnerability, which can lead to remote code execution
Critical flaw in Apache Parquet’s Java Library allows remote code execution
3 months 3 weeks ago
Experts warn of a critical vulnerability impacting Apache Parquet’s Java Library that could allow remote code execution. Apache Parquet’s Java Library is a software library for reading and writing Parquet files in the Java programming language. Parquet is a columnar storage file format that is optimized for use with large-scale data processing frameworks, such as […]
Pierluigi Paganini
После X — вся индустрия: ЕС запускает машину тотального контроля
3 months 3 weeks ago
Миллиардный штраф для X перекроит правила игры в соцсетях.
PE攻击之傀儡进程与重定位
3 months 3 weeks ago
看雪论坛作者ID:mb_zelrqyxa
PE攻击之傀儡进程与重定位
3 months 3 weeks ago
看雪论坛作者ID:mb_zelrqyxa
PE攻击之傀儡进程与重定位
3 months 3 weeks ago
看雪论坛作者ID:mb_zelrqyxa
CVE-2006-2723 | Mozilla Firefox 2.0 denial of service (EDB-1867 / XFDB-26898)
3 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in Mozilla Firefox 2.0. Affected is an unknown function. The manipulation leads to denial of service.
This vulnerability is traded as CVE-2006-2723. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
Может ли ваш телевизор шпионить за вами?
3 months 3 weeks ago
Как уберечься от слежки и сохранить приватность.
CVE-2024-32696 | QuantumCloud Infographic Maker Plugin up to 4.6.6 on WordPress cross site scripting
3 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in QuantumCloud Infographic Maker Plugin up to 4.6.6 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-32696. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-32693 | ValvePress Automatic Plugin up to 3.92.x on WordPress cross-site request forgery
3 months 3 weeks ago
A vulnerability has been found in ValvePress Automatic Plugin up to 3.92.x on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery.
This vulnerability was named CVE-2024-32693. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-4026 | Holded Application up to 4.19.x General/Team ID cross site scripting
3 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Holded Application up to 4.19.x. Affected by this issue is some unknown functionality of the component General/Team ID. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2024-4026. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2022-34562 | PHPFox 4.8.9 Status Box cross site scripting
3 months 3 weeks ago
A vulnerability was found in PHPFox 4.8.9. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Status Box. The manipulation leads to cross site scripting.
This vulnerability is known as CVE-2022-34562. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2022-34561 | PHPFox 4.8.9 video description cross site scripting
3 months 3 weeks ago
A vulnerability was found in PHPFox 4.8.9. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument video description leads to cross site scripting.
This vulnerability is handled as CVE-2022-34561. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2022-34560 | PHPFox 4.8.9 History cross site scripting
3 months 3 weeks ago
A vulnerability classified as problematic was found in PHPFox 4.8.9. This vulnerability affects unknown code. The manipulation of the argument History leads to cross site scripting.
This vulnerability was named CVE-2022-34560. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2024-28436 | D-Link DAP-3662 session_login.php reload cross site scripting
3 months 3 weeks ago
A vulnerability was found in D-Link DAP-2230, DAP-2310, DAP-2330, DAP-2360, DAP-2553, DAP-2590, DAP-2690, DAP-2695, DAP-3520 and DAP-3662. It has been rated as problematic. Affected by this issue is some unknown functionality of the file session_login.php. The manipulation of the argument reload leads to cross site scripting.
This vulnerability is handled as CVE-2024-28436. The attack may be launched remotely. There is no exploit available.
vuldb.com
Тысячи IP в час: как техника Fast Flux обходит системы защиты
3 months 3 weeks ago
Метод атаки делает хакеров неуловимыми.
CVE-2024-12450 | infiniflow ragflow up to 0.13.x URL Parameter web_crawl command injection
3 months 3 weeks ago
A vulnerability classified as critical was found in infiniflow ragflow up to 0.13.x. This vulnerability affects the function web_crawl of the component URL Parameter Handler. The manipulation leads to command injection.
This vulnerability was named CVE-2024-12450. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-12537 | open-webui up to 0.3.32 api/v1/utils/code/format resource consumption
3 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in open-webui up to 0.3.32. This issue affects some unknown processing of the file api/v1/utils/code/format. The manipulation leads to resource consumption.
The identification of this vulnerability is CVE-2024-12537. The attack may be initiated remotely. There is no exploit available.
vuldb.com