Aggregator

Hover Zoom+ 是一款开源浏览器扩展，在鼠标悬停时放大图片和视频，支持 383 个网站如微博、知乎等。它安全可靠且免费获取。

A vulnerability was found in Apache EventMesh Runtime up to 1.11.0. It has been declared as critical. This vulnerability affects unknown code of the file WebhookUtil.java. The manipulation leads to server-side request forgery. This vulnerability was named CVE-2024-39954. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Ubiquiti UCRM Client Signup Plugin up to 1.3.4. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2025-24289. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Zij werden ingezet bij diverse missies, van Indonesië tot die in Kosovo of Irak. In ‘Door de ogen van onze veteranen’ vertellen (oud)-militairen van diverse krijgsmachtdelen hoe zij vochten voor vrijheid. Bovenal kijken zij naar wat er nu nodig is om die vrijheid te bewaren, nu de dreiging wereldwijd toeneemt.

A vulnerability was found in Ethereum RLPx 5 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to missing cryptographic step. This vulnerability is handled as CVE-2015-20112. The attack can only be done within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Ubiquiti UISP Application up to 2.4.206 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2025-24290. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Samsung rLottie 0.2. Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is traded as CVE-2025-53075. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

Android 16新增两项安全功能：当基站请求IMEI时弹出提醒，并可设置禁用2G网络以防范伪基站威胁。但这些功能可能仅限于新设备，旧设备因基带兼容性问题无法启用。

A vulnerability, which was classified as problematic, has been found in Samsung rLottie 0.2. This issue affects some unknown processing. The manipulation leads to buffer over-read. The identification of this vulnerability is CVE-2025-53076. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

中科院海洋所研究团队与德法研究人员合作在 PNAS 期刊发表论文，基于海洋沉积物中的黑碳记录，重建了过去 30万 年以来东亚北部的古火演化历史，结合欧洲、东亚、东南亚及澳大利亚区域的记录以及考古遗址大数据，发现现代人类大规模用火始于约 5 万年前。考古学研究发现，人类最早的用火记录可追溯至约 170 万年前。但关于人类究竟何时开始大规模用火，目前仍难以给出确切的答案。黑碳是生物质及化石燃料燃烧过程中所生成的一系列含碳化合物的统称。鉴于其芳香族结构具备高度稳定性，黑碳能够在沉积环境中得以长期留存。以大河作为主要沉积物源区的边缘海，其沉积物中的黑碳很大程度上能够反映大陆尺度的火活动状况。研究认为，5 万年前的冰期，现代人类开启了第二次走出非洲的迁徙历程。冰期海平面下降，印太暖池区大面积的陆架出露为陆地，雨林屏障作用减弱，使得人类在不到一万年的时间里就迅速扩散至东亚、东南亚乃至澳大利亚。人口的急剧扩张极大地促进了用火频率的上升。此外，冰期气候寒冷，食物资源相对匮乏，人类对用火的需求也随之大幅增加。这些因素最终共同促成了 5 万年前成为人类开始大规模用火的关键时间节点。这也进一步表明，人类可能在末次冰期就已经通过用火在全球碳循环演变中留下了深刻印记。

A vulnerability classified as critical was found in Samsung rLottie 0.2. This vulnerability affects unknown code. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2025-53074. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic has been found in Contact Form Plugin up to 1.1.28 on WordPress. This affects an unknown part of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-5730. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Syed Balkhi WP Lightbox 2 Plugin on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Title Attribute Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2025-3745. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung rLottie 0.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to use after free. This vulnerability is known as CVE-2025-0634. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Honor PC Manager 16.0.0.118. It has been classified as problematic. Affected is an unknown function of the component Named Pipe Handler. The manipulation leads to privilege escalation. This vulnerability is traded as CVE-2025-46014. The attack needs to be approached within the local network. Furthermore, there is an exploit available.

A vulnerability was found in Ubiquiti UniFi Network Application 8.1.113/8.4.58/8.4.59 and classified as critical. This issue affects some unknown processing of the component Enterprise Wifi/VPN Server. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2025-24292. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

コニカミノルタ株式会社が提供するbizhubシリーズには、Pass-Back攻撃が可能になる脆弱性が存在します。

コニカミノルタ株式会社が提供する複合機（MFP）のWeb Connectionには、複数の脆弱性が存在します。

两项研究发现消费者对 AI 产品信任度低，购买意愿也低。AI 对产品推广产生了负面影响，这种影响在高风险产品中尤其显著，低风险产品则不太明显。在其中一项研究中，研究人员将参与者分成两组，每组大约 100 人。一组阅读突出 AI 或 AI-powered 等特性的虚构产品和服务的广告，另一组阅读的广告使用了新技术或配备了尖端技术等术语。相比另一组，阅读带有 AI 等关键词广告的参与者报告尝试或购买相关产品和服务的可能性较低。另一项研究由市场研究公司 Parks Associates 完成，调查规模更大。在接受调查的约 4000 名美国人中，18% 的人表示 AI 可能会增加购买意愿，24% 的人表示不太可能，而 58% 的人表示 AI 对他们没有影响。

Хотели удобства? Получите проблемы! Бесконтактные платежи — любимая игрушка киберпреступников.