Aggregator

CVE-2015-5118 | Adobe Flash Player prior 11.2.202.481/13.0.0.302/18.0.0.203 memory corruption (RHSA-2015:1214 / EDB-37880)

Vuldb Updates
5 months 1 week ago
A vulnerability classified as critical has been found in Adobe Flash Player. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2015-5118. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2011-0506 | Tsixm AxDCMS 0.1.1 modules/profile/user.php aXconf[default_language] path traversal (EDB-15938 / XFDB-64547)

Vuldb Updates
5 months 1 week ago
A vulnerability, which was classified as critical, was found in Tsixm AxDCMS 0.1.1. Affected is an unknown function of the file modules/profile/user.php. The manipulation of the argument aXconf[default_language] leads to path traversal. This vulnerability is traded as CVE-2011-0506. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2012-1007 | Apache Struts 1.3.10 processSimple.do message cross site scripting (EDB-18452 / Nessus ID 60094)

Vuldb Updates
5 months 1 week ago
A vulnerability was found in Apache Struts 1.3.10. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file struts-cookbook/processSimple.do. The manipulation of the argument message leads to cross site scripting. This vulnerability is known as CVE-2012-1007. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

小小的日志,大大的坑

FreeBuf互联网安全新媒体平台
5 months 1 week ago
作者:京东零售 王军1. 背景压测过程中优化线程池以后单机qps存在性能瓶颈,优化过程中发现默认线程池及日志对性能存在严重的影响所以引发了一系列对日志优化的整理2.哪些场景可能导致性能问题在任何系统中,日志都是非常重要的组成部分,它是反映系统运行情况的重要依据,也是排查问题时的必要线索。绝大多数人都认可日志的重要性,但是又有哪些场景可能导致性能问题?今天就让我们来聊聊Java日志性能那些事。2.1

韩国机器人数量超过了工人的十分之一

Solidot
5 months 1 week ago
根据 World Robotics 2024 的调查,韩国机器人数量超过了工人的十分之一:每万名工人就有 1102 台机器人。在低生育率人口减少的推动之下,韩国成为第一个机器人取代十分之一劳动力的国家。韩国工厂中机器人数量是世界其它国家的两倍。在机器人占比上只有新加坡接近韩国,新加坡每万名工人有 770 台机器人。中国则是最大的机器人市场,2023 年安装了 2,76,288 台机器人,占全球总安装量的 51%。而韩国的机器人密度自 2018 年以来平均每年增长 5%。

CVE-2009-1415 | gnu gnutls up to 2.6.1 lib/pk-libgcrypt.c credentials management (EDB-32964 / Nessus ID 40661)

Vuldb Updates
5 months 1 week ago
A vulnerability was found in gnu gnutls up to 2.6.1 and classified as problematic. This issue affects some unknown processing in the library lib/pk-libgcrypt.c. The manipulation leads to credentials management. The identification of this vulnerability is CVE-2009-1415. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

The Hackers News
5 months 1 week ago
Veeam has released security updates to address a critical flaw impacting Service Provider Console (VSPC) that could pave the way for remote code execution on susceptible instances. The vulnerability, tracked as CVE-2024-42448, carries a CVSS score of 9.9 out of a maximum of 10.0. The company noted that the bug was identified during internal testing. "From the VSPC management agent machine, under
The Hacker News

SafeLine: Open-source web application firewall (WAF)

Help Net Security
5 months 1 week ago

SafeLine is an open-source and self-hosted Web Application Firewall (WAF) that protects websites from cyber attacks. “SafeLine WAF was created to protect web applications for small and medium-sized enterprises from cyber threats by monitoring and filtering HTTP/HTTPS traffic. More importantly, with the widespread use of Gen AI, automated website traffic has become increasingly overwhelming, negatively impacting the normal user experience and business operations. Therefore, we aim to create a WAF with robust anti-bot and anti-HTTP … More →

The post SafeLine: Open-source web application firewall (WAF) appeared first on Help Net Security.

Mirko Zorz

Managed ad