Aggregator

Alleged Data Sale of Ecocontrol Soc. Coop

微软正在为 Windows 11 开发一项新功能，该功能向用户解释硬件限制如何影响 PC 性能。在最新的开发者预览版本 build 26120.3576 和 22635.5090 中，设置>系统>关于下包含了一个隐藏的 FAQ 列表，它向用户解释了 GPU 显存、系统内存和操作系统版本的影响。该功能需要手动激活。它为内存较少或显存少于 4GB 的 GPU 等硬件配置提供了具体建议，并标记了过时的 Windows 版本。

Vanaf schepen houdt de zeemacht gevaren in de lucht in de gaten. Daarom patrouilleert het NAVO-vlootverband SNMG1 momenteel tussen IJsland en Groenland. Dit operatiegebied is strategisch belangrijk voor het bondgenootschap.

A vulnerability, which was classified as critical, was found in kuadrant 0.11.3. This affects an unknown part. The manipulation leads to permission issues. This vulnerability is uniquely identified as CVE-2024-53349. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability, which was classified as critical, has been found in LoxiLB up to 0.9.7. Affected by this issue is some unknown functionality. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2024-53348. The attack can only be done within the local network. There is no exploit available.

A vulnerability classified as problematic was found in Envoy up to 1.30.9/1.31.5/1.32.3/1.33.0. Affected by this vulnerability is an unknown functionality of the component Websocket Handshake Handler. The manipulation leads to improper cleanup on thrown exception. This vulnerability is known as CVE-2025-30157. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in parse-server up to 7.5.1/8.0.1. Affected is an unknown function. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2025-30168. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in AWS Cloud Development Kit Command Line Interface up to 2.178.1. It has been rated as problematic. This issue affects some unknown processing of the component Credential Plugin. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere. The identification of this vulnerability is CVE-2025-2598. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Tenable Nessus Agent up to 10.8.2 on Windows. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to incorrect default permissions. This vulnerability was named CVE-2025-24915. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in LibreOffice up to 7.0.4/7.1.0. It has been classified as critical. This affects an unknown part of the component ODF Document Handler. The manipulation leads to improper certificate validation. This vulnerability is uniquely identified as CVE-2021-25635. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

The U.S. Department of Treasury announced today that it has removed sanctions against the Tornado Cash cryptocurrency mixer, which North Korean Lazarus hackers used to launder hundreds of millions stolen in multiple crypto heists. [...]

A vulnerability was found in vercel Next.js up to 14.2.24/15.2.2 and classified as critical. Affected by this issue is some unknown functionality of the component Header Handler. The manipulation of the argument x-middleware-subrequest leads to improper authorization. This vulnerability is handled as CVE-2025-29927. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in youki up to 0.5.2 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect default permissions. This vulnerability is known as CVE-2025-27612. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Guangzhou Hongfan Technology iOffice20. Affected is an unknown function. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2024-57490. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability, which was classified as critical, has been found in PHPGurukul Vehicle Record Management System 1.0. This issue affects some unknown processing of the file /index.php. The manipulation of the argument searchinputdata leads to sql injection. The identification of this vulnerability is CVE-2025-29641. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. This vulnerability affects unknown code of the file /patient-report.php. The manipulation of the argument searchdata leads to sql injection. This vulnerability was named CVE-2025-29640. The attack can be initiated remotely. There is no exploit available.

Виноват файл, на который вы даже не нажали.

布隆伯格(Michael Bloomberg)认为，过去二十年美国学区花了数十亿美元为教室配备笔记本电脑，然而学生的基本技能却下降了。目前有约九成的美国学校为学生提供​​了笔电，但学生的考试成绩则徘徊在历史最低点——只有 28% 的八年级学生熟练掌握数学，30% 的八年级学生熟练掌握阅读。研究证实，传统方法——在纸上阅读和写作——仍然优于基于屏幕的方法。设备会分散学生的注意力，研究表明，非学习活动后需要长达 20 分钟的时间才能重新集中注意力。布隆伯格建议学校重新考虑课堂电脑政策，呼吁学校重新使用书本和笔，而不是笔记本电脑和平板电脑。

Linux 6.14 возвращает старую логику планировщика задач.

A vulnerability, which was classified as problematic, was found in FlowiseAI Flowise up to 1.4.3. This affects an unknown part of the file /api/v1/public-chatflows/id of the component 404 Page. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-36423. It is possible to initiate the attack remotely. There is no exploit available.