Aggregator

CVE-2005-0799 | Sun MySQL up to 4.1.9 on Windows denial of service (Nessus ID 17826 / ID 19676)

Vuldb Updates
10 hours 36 minutes ago
A vulnerability was found in Sun MySQL up to 4.1.9 on Windows. It has been classified as critical. Affected is an unknown function. The manipulation leads to denial of service. This vulnerability is traded as CVE-2005-0799. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Faster Not Bigger: New R1T2 LLM Combines DeepSeek Versions

DataBreachToday.com
10 hours 43 minutes ago
German Consultancy's Latest LLM Aims to Reduce Costs, Preserve Reasoning Skills
Say hello to DeepSeek-TNG R1T2 Chimera, a large language model built by German firm TNG Consulting, using three different DeepSeek LLMs. The goal of R1T2 is to provide a faster LLM with more predictable performance that maintains full reasoning accuracy.

Editors' Panel: Pro-Iran Hackers Threaten to Leak Trump Data

DataBreachToday.com
10 hours 43 minutes ago
Also: Medicare Data Breach; Gartner Security & Risk Management Summit Takeaways
In this week's update, ISMG editors discussed Iran-linked hackers claiming to steal emails from Trump's inner circle, how to refine application development in the age of AI, and a U.S. Medicare data breach amplifying concerns over the safety, security and privacy of federal health systems.

EU Pledges 'No Pause' Over Enforcement of Bloc's AI Act

DataBreachToday.com
10 hours 43 minutes ago
Rejects Business and AI Leaders' Call for Two-Year Enforcement Moratorium
Expect to see no pause in the EU's enforcement of new rules governing artificial intelligence, a spokesperson for the European Commission said amid intensifying calls for officials to "stop the clock" over implementing the bloc's AI Act, in the name of innovation and competition.

CVE-2023-35790 | libjxl 0.8.2 dec_patch_dictionary.cc integer underflow (Nessus ID 241348)

Vuldb Updates
10 hours 48 minutes ago
A vulnerability has been found in libjxl 0.8.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file dec_patch_dictionary.cc. The manipulation leads to integer underflow. This vulnerability is known as CVE-2023-35790. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-6221 | corydolphin flask-cors up to 4.0.1 Configuration Options access control (Nessus ID 241350)

Vuldb Updates
10 hours 48 minutes ago
A vulnerability was found in corydolphin flask-cors up to 4.0.1 and classified as critical. Affected by this issue is some unknown functionality of the component Configuration Options Handler. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2024-6221. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2023-6378 | QOS logback 1.4.11 Logback Receiver denial of service (Nessus ID 241352)

Vuldb Updates
10 hours 48 minutes ago
A vulnerability, which was classified as problematic, has been found in QOS logback 1.4.11. This issue affects some unknown processing of the component Logback Receiver. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2023-6378. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2017-17215 华为HG532路由器RCE漏洞复现

先知技术社区
10 hours 58 minutes ago
漏洞描述CVE-2017-17215是CheckPoint团队披露的远程命令执行(RCE)漏洞,存在于华为HG532路由器中。该设备支持名为DeviceUpgrade的一种服务类型,可通过向/ctrlt/DeviceUpgrade_1的地址提交请求,来执行固件的升级操作。可通过向37215端口发送数据包,启用UPnP协议服务,并利用该漏洞,在NewStatusURL或NewDownloadURL标

从0到1大模型MCP自动化漏洞挖掘实践

先知技术社区
10 hours 58 minutes ago
本篇文章将从 0 到 1 带你实现一个 基于大模型+MCP 协议+开源信息收集工具 的自动化漏洞挖掘工具,真正迈入「模型驱动安全工具链」的新时代。AI批量刷洞的时代即将来临!!!

Managed ad