Aggregator

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。

Что не так с Quake II от Microsoft?

A vulnerability, which was classified as problematic, has been found in Campcodes Online Event Management System 1.0. This issue affects some unknown processing of the file /views/process.php. The manipulation of the argument Name leads to cross site scripting. The identification of this vulnerability is CVE-2024-3524. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in Campcodes Online Event Management System 1.0. Affected is an unknown function of the file /views/index.php. The manipulation of the argument msg leads to cross site scripting. This vulnerability is traded as CVE-2024-3525. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Campcodes Online Event Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument msg leads to cross site scripting. This vulnerability is known as CVE-2024-3526. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Complete Online Student Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file units_view.php. The manipulation of the argument FirstRecord leads to cross site scripting. This vulnerability is handled as CVE-2024-3528. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Complete Online Student Management System 1.0. It has been classified as problematic. This affects an unknown part of the file students_view.php. The manipulation of the argument FirstRecord leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-3529. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Complete Online Student Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file Marks_view.php. The manipulation of the argument FirstRecord leads to cross site scripting. This vulnerability was named CVE-2024-3530. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Campcodes Complete Online Student Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file courses_view.php. The manipulation of the argument FirstRecord leads to cross site scripting. The identification of this vulnerability is CVE-2024-3531. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in Campcodes Complete Online Student Management System 1.0. Affected is an unknown function of the file attendance_view.php. The manipulation of the argument FirstRecord leads to cross site scripting. This vulnerability is traded as CVE-2024-3532. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Linus Torvalds 在内核邮件列表上宣布释出 Linux 6.15-rc1，这标志着为期两周的合并窗口的关闭，预计正式版会在 5 月底或 6 月初发布。Linux 6.15 的主要新特性包括：IO_uring 网络零拷贝接收支持，英伟达开源内核驱动早期代码，改进 Zstd 压缩，Bcachefs 文件系统将其磁盘上格式视为“软冻结”状态，支持 AMD Versal NET SoC，AMD INVLPGB，改进 AMD Zen 5 和其它 Intel/AMD CPU 的 AES-CTR 加密性能，支持 AMD 新图形硬件，新 FWCTL 子系统，等等。

上周关注度较高的产品安全漏洞(20250331-20250406)

国家信息安全漏洞共享平台（以下简称CNVD）本周共收集、整理信息安全漏洞210个，其中高危漏洞94个、中危漏洞106个、低危漏洞10个。

上周关注度较高的产品安全漏洞(20250331-20250406)

国家信息安全漏洞共享平台（以下简称CNVD）本周共收集、整理信息安全漏洞210个，其中高危漏洞94个、中危漏洞106个、低危漏洞10个。

A vulnerability, which was classified as critical, has been found in Dutchmonkey DM FileManager 3.9.2. This issue affects some unknown processing of the file login.php. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2009-1741. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to add further authentication.

A vulnerability was found in vercel Next.js up to 14.2.24/15.2.2 and classified as critical. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument x-middleware-subrequest leads to improper authorization. This vulnerability is handled as CVE-2025-29927. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

With corporate layoffs and government workforce reductions frequently making headlines, leaders often underestimate the potential for massive data loss and intellectual property liability.

The post Corporate Layoffs Put Company IP at Risk  appeared first on Security Boulevard.