Aggregator

Django Security Update, Patch for DoS & SQL Injection Vulnerability

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

5 months 1 week ago

The Django team has issued critical security updates for versions 5.1.4, 5.0.10, and 4.2.17. These updates address two vulnerabilities: a potential denial-of-service (DoS) attack in the strip_tags() method and a high-severity SQL injection risk in Oracle databases. All developers and system administrators using affected versions are strongly encouraged to update to the newly released versions to ensure […]

The post Django Security Update, Patch for DoS & SQL Injection Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

微步协助统信修复提权漏洞

微步在线研究响应中心

5 months 1 week ago

立即查看漏洞详情

第21届中国信息和通信安全学术会议(CCICS 2024) 会议通知

信息安全国家工程研究中心

5 months 1 week ago

Spring漏洞测试与利用

Tide安全团队

5 months 1 week ago

Spring Boot是一个开源的Java框架，用于简化创建生产级的RESTful服务和应用程序的过程。然而，如果Spring Boot应用程序中存在安全漏洞，可利用这些漏洞来访问或修改应用程序的数据，或者获得未授权的系统访问权限。

Spring漏洞测试与利用

Tide安全团队

5 months 1 week ago

疑似俄罗斯APT组织针对他国APT组织的基础设施展开攻击，扩大攻击范围——每周威胁情报动态第203期（11.29-12.05）

不安全

5 months 1 week ago

疑似俄罗斯APT组织针对他国APT组织的基础设施展开攻击，扩大攻击范围——每周威胁情报动态第203期（11.29-12.05）

Spring漏洞测试与利用

Tide安全团队

5 months 1 week ago

News alert: One Identity wins 2024 Cyber Defense Award: Hot Company – PAM category

不安全

5 months 1 week ago

News alert: One Identity wins 2024 Cyber Defense Award: Hot Company – PAM category

Sarcoma

Dark Feed IO

5 months 1 week ago

cohenido

Turla и конкуренты: сети соперников становятся марионетками хакеров

Securitylab.ru

5 months 1 week ago

Интересная стратегия группы позволяет одновременно избежать обнаружения и подставить конкурентов.

CVE-2008-2333 | Barracuda Spam Firewall cgi-bin/ldap_test.cgi email cross site scripting (EDB-31828 / Nessus ID 32434)

Vuldb Updates

5 months 1 week ago

A vulnerability was found in Barracuda Spam Firewall. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file cgi-bin/ldap_test.cgi. The manipulation of the argument email leads to cross site scripting. This vulnerability is known as CVE-2008-2333. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

Rockwell Automation Warns of Multiple Code Execution Vulnerabilities in Arena

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

5 months 1 week ago

Rockwell Automation has issued a critical security advisory addressing multiple remote code execution (RCE) vulnerabilities discovered in its Arena® software. These vulnerabilities, reported by the Zero Day Initiative (ZDI), expose systems to potential exploitation by adversaries looking to execute arbitrary code. With the release of updated software versions, Rockwell Automation has taken corrective action and […]

The post Rockwell Automation Warns of Multiple Code Execution Vulnerabilities in Arena appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Google делает Android еще круче: что нового в обновлении?

Securitylab.ru

5 months 1 week ago

ИИ научился считывать эмоции и делать точные описания.

Hundred of CISCO switches impacted by bootloader flaw

不安全

5 months 1 week ago

Hundred of CISCO switches impacted by bootloader flaw

CVE-2007-3594 | ManageEngine OpManager map/ping.do name cross site scripting (EDB-30275 / XFDB-35263)

Vuldb Updates

5 months 1 week ago

A vulnerability was found in ManageEngine OpManager. It has been classified as problematic. Affected is an unknown function of the file map/ping.do. The manipulation of the argument name leads to basic cross site scripting. This vulnerability is traded as CVE-2007-3594. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

vuldb.com