Aggregator

A vulnerability was found in Linux Kernel up to 5.10.45/5.12.12. It has been declared as problematic. Affected by this vulnerability is the function __fpu__restore_sig. The manipulation leads to improper initialization. This vulnerability is known as CVE-2021-47227. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.4.127/5.10.45/5.12.12. It has been classified as critical. This affects the function mlx5_core. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2021-47246. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.12.12. This affects the function eem_tx_fixup of the component cdc_eem. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2021-47236. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in EasyCorp EasyAdmin up to 4.8.9. It has been declared as problematic. Affected by this vulnerability is the function Autocomplete of the file assets/js/autocomplete.js of the component Autocomplete. The manipulation of the argument item leads to cross site scripting. This vulnerability is known as CVE-2024-3081. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in SourceCodester Road Accident Map Marker 1.0. Affected by this issue is some unknown functionality of the file /endpoint/add-mark.php. The manipulation of the argument mark_name/details leads to cross site scripting. This vulnerability is handled as CVE-2024-13021. The attack may be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability was found in SourceCodester Multi Role Login System 1.0. It has been classified as problematic. Affected is an unknown function of the file /endpoint/add-user.php. The manipulation of the argument Name leads to cross site scripting. This vulnerability is traded as CVE-2024-13069. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A recently discovered vulnerability in Docker Desktop for macOS is raising concerns in the developer and security communities. The flaw, which stems from the improper application of Registry Access Management (RAM) policies under certain conditions, could allow unauthorized access to potentially malicious container images-putting organizations at risk of supply chain attacks. Vulnerability Details When organizations enforce sign-in […]

The post Docker Registry Vulnerability Lets macOS Users Access Any Registry Without Authorization appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

WhatsApp, the world’s largest messaging platform, has announced a major leap in privacy-preserving artificial intelligence (AI) with the introduction of its new “Private Processing” system.  This technology enables users to access advanced AI features-such as message summarization and writing suggestions-while upholding WhatsApp’s core promise of end-to-end message secrecy, ensuring that not even Meta, WhatsApp, or […]

The post WhatsApp Introduces AI Tools With Promise of Full Message Secrecy appeared first on Cyber Security News.

一起见证AI技术飞速发展！

一起见证AI技术飞速发展！

CISA has added a critical SAP NetWeaver vulnerability to its Known Exploited Vulnerabilities (KEV) catalog on April 29, 2025.  The zero-day flaw, tracked as CVE-2025-31324, carries a maximum CVSS score of 10.0 and has been actively exploited in the wild since at least March 2025. CVE-2025-31324: Critical SAP NetWeaver File Upload Flaw CVE-2025-31324 is an […]

The post CISA Warns SAP 0-day Vulnerability Exploited in the Wild  appeared first on Cyber Security News.

Saviynt launched AI-powered Identity Security Posture Management (ISPM) as part of its converged Identity Cloud platform. Saviynt’s ISPM provides actionable insights into an organization’s identity and access posture, offering an intelligent starting point to prioritizing and remediating risks. “As GE HealthCare became a stand-alone company, the demands around identity security and audit readiness significantly increased. We are excited for Saviynt’s ISPM to help us shift from a reactive to a proactive approach – empowering our … More →

The post Saviynt ISPM provides insights into an organization’s identity and access posture appeared first on Help Net Security.

本文提出了一种基于滑动窗口分割的序列流量表示方法，用于捕捉细粒度特征并构建多粒度流量表征

本文提出了一种基于滑动窗口分割的序列流量表示方法，用于捕捉细粒度特征并构建多粒度流量表征

Частная компания строит инфраструктуру для массовой слежки и депортации.

Meta on Tuesday announced LlamaFirewall, an open-source framework designed to secure artificial intelligence (AI) systems against emerging cyber risks such as prompt injection, jailbreaks, and insecure code, among others. The framework, the company said, incorporates three guardrails, including PromptGuard 2, Agent Alignment Checks, and CodeShield. PromptGuard 2 is designed to detect direct

这个五一假期因为拖延没有做好行程规划的人，你可能需要这个。

投稿送端午礼盒啦~

本次活动涵盖通用2.0、通用1.0

活动时间：2025年1月1日-5月18日23点59分59秒