Aggregator

センチュリー・システムズ株式会社が提供するFutureNet NXRシリーズには、REST-API機能が意図せず有効化される問題が存在します。

A vulnerability was found in Accellion File Transfer Appliance up to FTA_9_12. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component SSH Key Handler. The manipulation leads to improper access controls. This vulnerability is known as CVE-2016-2353. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

三菱電機製FAエンジニアリングソフトウェア製品には、Jungo社製WinDriverに起因する複数の脆弱性が存在します。

三菱電機製MELSEC iQ-Rシリーズおよび iQ-FシリーズのEtherNet/IPユニットならびにEtherNet/IP設定ツールには、複数の脆弱性が存在します。

A vulnerability was found in Cisco WRT54GC 1.05.7. It has been classified as problematic. This affects an unknown part of the file administration.cgi of the component Administration. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2009-1561. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Apple tvOS up to 12.3. Affected is an unknown function of the component Foundation. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2019-8641. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

有时候需要一些app，常驻后台，要保持唤醒状态。   可以使用termux执行命令： su -c svc power stayon true   true：保持设备处于唤醒...

A vulnerability classified as critical has been found in Apple iOS up to 10.2. This affects an unknown part of the component Kernel. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2017-2482. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

トレンドマイクロ株式会社から、Cloud Edge向けのアップデートが公開されました。

秘鲁国际银行 （Interbank）承认遭勒索组织攻击，攻击者成功入侵其IT系统，并窃取了相关用户数据。

A vulnerability, which was classified as critical, was found in Apple macOS up to 10.12.3. Affected is an unknown function of the component Kernel. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2017-2482. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

研究人员发现了 FakeCall 恶意软件的一个新变种，能够诱导受害者拨打诈骗电话，导致身份信息被窃取。

A vulnerability classified as problematic was found in Mini Inventory and Sales Management System. Affected by this vulnerability is an unknown functionality of the file /email/welcome.php. The manipulation of the argument Title leads to cross site scripting. This vulnerability is known as CVE-2024-42550. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Google Chrome. Affected by this issue is some unknown functionality of the component V8 API. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-7974. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in vernemq 2.0.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to uncontrolled memory allocation. This vulnerability is traded as CVE-2024-44459. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in NanoMQ 0.21.9. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Read Size Handler. The manipulation leads to denial of service. This vulnerability is known as CVE-2024-44460. Access to the local network is required for this attack. There is no exploit available.

A vulnerability classified as critical was found in agnaistic agnai up to 1.0.329. This vulnerability affects unknown code. The manipulation leads to path traversal: '.../...//'. This vulnerability was named CVE-2024-47169. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in agnaistic agnai up to 1.0.329. This issue affects some unknown processing. The manipulation leads to path traversal: '.../...//'. The identification of this vulnerability is CVE-2024-47171. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in cvat up to 2.18.x. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-47063. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in cvat-ai cvat up to 2.19.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect authorization. This vulnerability is known as CVE-2024-47172. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.