Aggregator

A vulnerability classified as problematic has been found in Schweizerische Steuerkonferenz Library taxstatement.jar 2.2.2/2.2.4 on Windows. Affected is the function DocumentBuilder of the component PDF Handler. The manipulation leads to xml external entity reference. This vulnerability is traded as CVE-2024-8602. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in sigstore-python up to 3.5.x. This issue affects some unknown processing of the component Integration Time. The manipulation leads to missing cryptographic step. The identification of this vulnerability is CVE-2024-55655. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

[下载] Mozilla Firefox v133.0.3修复版本发布 修复部分界面没滚动条问题

 Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA). These vulnerabilities tracked as CVE-2024-11639, CVE-2024-11772, and CVE-2024-11773, affect CSA versions 5.0.2 and earlier. Without mitigation, these flaws could allow malicious attackers to bypass authentication, execute remote code, and manipulate databases, posing significant risks to organizations relying on […]

The post Ivanti CSA Vulnerabilities Let Attackers Gain Admin Access appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

One of the most significant regulatory mandates on the horizon is the European Union’s Digital Operational Resilience Act (DORA).

The post Leveraging Crypto Agility to Meet DORA Requirements in Financial Services by January 2025 appeared first on Security Boulevard.

既然是个笑话那就没必要保留！火狐浏览器正在删除请勿追踪(DNT)选项

The U.S. has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. The U.S. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co., faces charges for developing and testing a […]

Microsoft has patched dozens of vulnerabilities in December, including one zero-day being exploited in the wild

CVE-2024-11205 наделяет пользователей неожиданной властью.

时代中的 SaaS，Canva 如何转身。

Подводим робототехнические итоги года и с нетерпением ждем следующего.

12 月 17 日 19:00-21:00，来直播间，出品人冯佳时与你不见不散！

互联网平台成为社会不可或缺的公共基础设施，人类社会向深度媒介化、平台化方向发展。原属于政府的公共权力部分转移到互联网平台，平台成为新的网络权力中心。