Aggregator

A vulnerability was found in Oracle Essbase 21.5.3.0.0. It has been classified as very critical. Affected is an unknown function of the component Essbase Web Platform. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2023-38545. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Oracle HTTP Server 12.2.1.4.0. It has been rated as very critical. Affected by this issue is some unknown functionality of the component Third Party. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2023-38545. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Oracle MySQL Cluster 8.0.34 and prior/8.1.0. It has been classified as very critical. Affected is an unknown function. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2023-38545. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in cURL up to 8.3.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component SOCKS5 Proxy Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is known as CVE-2023-38545. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle MySQL Server up to 5.7.43/8.0.34/8.1.0 and classified as critical. Affected by this issue is some unknown functionality of the component Compiling. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2023-38545. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Oracle Database up to 19.21/21.12/23.3. It has been declared as critical. This vulnerability affects unknown code of the component Oracle Spatial/Graph. The manipulation leads to denial of service. This vulnerability was named CVE-2023-38545. The attack can be initiated remotely. There is no exploit available.

已修复

超过52个字符就会受影响

当前，我国数据产业蓬勃发展，产业规模约2万亿元，企业数量超19万家。进一步培育壮大数据产业，需聚焦数据“供得出、流得动、用得好、保安全”，加快形成主体多元、竞争有序、协同创新、繁荣活跃的数据产业生态。

为加快公共数据资源开发利用，充分释放公共数据要素潜能，推动数字经济高质量发展，9月21日，中共中央办公厅、国务院办公厅印发《关于加快公共数据资源开发利用的意见》。

《中共中央关于进一步全面深化改革、推进中国式现代化的决定》提出：“建立人工智能安全监管制度。”这是党中央统筹发展与安全，积极应对人工智能安全风险作出的重要部署。

根据2024年10月26日国家市场监督管理总局、国家标准化管理委员会发布的中华人民共和国国家标准公告，全国网络安全标准化技术委员会归口的3项国家标准正式发布。

随着数字化经济的飞速发展，网络环境也面临着诸多安全威胁，勒索软件攻击是近年来全球网络安全面临的主要威胁之一。对2024年勒索软件攻击及治理进行深入研究，旨在正确认识勒索软件，探索勒索软件攻击解决方案，以更高效地防范勒索软件攻击。

安全可靠测评通过对产品及其研发单位的核心技术、安全保障、持续发展等方面开展评估，评定产品的安全性和可持续性，实现对产品研发设计、生产制造、供应保障、售后维护等全生命周期安全可靠性的综合度量和客观评价。

A vulnerability classified as problematic has been found in Imperva SecureSphere 9.0.0.5. This affects an unknown part of the component Error Message Handler. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2013-4093. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Эксперименты показали высокую эффективность нового оружия.

Таганский суд Москвы обязал компанию выплатить 3,5 млн рублей.