2026年认知智能与内容安全教育部重点实验室开放课题申请指南
2026年认知智能与内容安全教育部重点实验室开放课题申请指南
Aggregator
CVE-2016-4978 | Apache ActiveMQ Artemis up to 1.3.x Broker/REST GetObject deserialization (RHSA-2017:1834 / Nessus ID 102139)
9 hours 33 minutes ago
A vulnerability described as critical has been identified in Apache ActiveMQ Artemis up to 1.3.x. This vulnerability affects the function GetObject of the component Broker/REST. Such manipulation leads to deserialization.
This vulnerability is documented as CVE-2016-4978. The attack can be executed remotely. There is not any exploit available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2017-12174 | Artemis/HornetQ up to 2.3.x UDP Discovery Multicast Message resource consumption (RHSA-2018:0270 / Nessus ID 106651)
9 hours 33 minutes ago
A vulnerability, which was classified as problematic, has been found in Artemis and HornetQ up to 2.3.x. This affects an unknown part of the component UDP Discovery. Performing a manipulation as part of Multicast Message results in resource consumption.
This vulnerability is identified as CVE-2017-12174. The attack can be initiated remotely. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2020-10727 | Apache ActiveMQ Artemis up to 2.12.0 Management API artemis-users.properties insufficiently protected credentials (Bug 1827200)
9 hours 33 minutes ago
A vulnerability categorized as problematic has been discovered in Apache ActiveMQ Artemis up to 2.12.0. Affected by this issue is some unknown functionality of the file etc/artemis-users.properties of the component Management API. Executing a manipulation can lead to insufficiently protected credentials.
This vulnerability is tracked as CVE-2020-10727. The attack is restricted to local execution. No exploit exists.
vuldb.com
CVE-2020-13932 | Apache ActiveMQ Artemis up to 2.13.0 MQTT client-id/topic name cross site scripting
9 hours 33 minutes ago
A vulnerability labeled as problematic has been found in Apache ActiveMQ Artemis up to 2.13.0. This affects an unknown function of the component MQTT Handler. The manipulation of the argument client-id/topic name as part of Packet results in cross site scripting.
This vulnerability is identified as CVE-2020-13932. The attack can be executed remotely. There is not any exploit available.
vuldb.com
CVE-2021-26117 | Apache ActiveMQ/ActiveMQ Artemis LDAP Login improper authentication
9 hours 33 minutes ago
A vulnerability, which was classified as critical, was found in Apache ActiveMQ and ActiveMQ Artemis. This vulnerability affects unknown code of the component LDAP Login Module. Such manipulation leads to improper authentication.
This vulnerability is uniquely identified as CVE-2021-26117. The attack can only be initiated within the local network. No exploit exists.
You should upgrade the affected component.
vuldb.com
CVE-2021-26118 | Apache ActiveMQ Artemis 2.15.0 OpenWire Protocol access control
9 hours 33 minutes ago
A vulnerability has been found in Apache ActiveMQ Artemis 2.15.0 and classified as critical. This issue affects some unknown processing of the component OpenWire Protocol Handler. Performing a manipulation results in improper access controls.
This vulnerability was named CVE-2021-26118. The attack needs to be approached within the local network. There is no available exploit.
vuldb.com
CVE-2021-26117 | Oracle FLEXCUBE Private Banking 12.0.0/12.1.0 Apache ActiveMQ improper authentication
9 hours 33 minutes ago
A vulnerability labeled as very critical has been found in Oracle FLEXCUBE Private Banking 12.0.0/12.1.0. This impacts an unknown function of the component Apache ActiveMQ. Executing a manipulation can lead to improper authentication.
This vulnerability is handled as CVE-2021-26117. The attack can be executed remotely. There is not any exploit available.
The affected component should be upgraded.
vuldb.com
CVE-2022-23913 | Apache ActiveMQ Artemis up to 2.19.0 resource consumption (Nessus ID 235116)
9 hours 33 minutes ago
A vulnerability marked as problematic has been reported in Apache ActiveMQ Artemis up to 2.19.0. Impacted is an unknown function. The manipulation leads to resource consumption.
This vulnerability is traded as CVE-2022-23913. It is possible to initiate the attack remotely. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2022-35278 | Apache ActiveMQ Artemis up to 2.23.x Address/Queue cross site scripting
9 hours 33 minutes ago
A vulnerability marked as problematic has been reported in Apache ActiveMQ Artemis up to 2.23.x. The affected element is an unknown function of the component Address/Queue. Performing a manipulation results in basic cross site scripting.
This vulnerability is known as CVE-2022-35278. Remote exploitation of the attack is possible. No exploit is available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2021-4040 | Red Hat AMQ Broker Messages resource consumption
9 hours 33 minutes ago
A vulnerability labeled as problematic has been found in Red Hat AMQ Broker. The impacted element is an unknown function of the component Messages Handler. The manipulation results in resource consumption.
This vulnerability is identified as CVE-2021-4040. The attack can only be performed from the local network. There is not any exploit available.
It is best practice to apply a patch to resolve this issue.
vuldb.com
CVE-2021-26117 | Oracle Enterprise Data Quality 12.2.1.4.0 General improper authentication
9 hours 33 minutes ago
A vulnerability has been found in Oracle Enterprise Data Quality 12.2.1.4.0 and classified as critical. This affects an unknown part of the component General. The manipulation leads to improper authentication.
This vulnerability is uniquely identified as CVE-2021-26117. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com
Один запрос, захват аккаунта и доступ к личным перепискам. Критическая дыра в phpBB поставила под удар миллионы форумов
9 hours 41 minutes ago
В phpBB нашли уязвимость, позволявшую обойти авторизацию и читать чужую переписку.
Hackers Use Microsoft Graph Reconnaissance to Target Payroll and HR Employees
9 hours 42 minutes ago
Hackers are using Microsoft’s own cloud tools to quietly hunt down payroll and HR staff inside corporate networks, then reroute employee salaries to accounts they control. Security teams are racing to respond as the campaign continues to spread across industries and borders. The attack method is deceptively clean. Instead of planting malware or exploiting software […]
The post Hackers Use Microsoft Graph Reconnaissance to Target Payroll and HR Employees appeared first on Cyber Security News.
Tushar Subhra Dutta
【生物战】美国国家情报总监加巴德披露美国纳税人资助的全球生物实验室计划的证据
9 hours 45 minutes ago
2026年6月12日,美国国家情报总监办公室新闻稿第10-26号发布:《美国国家情报总监加巴德披露美国纳税人资助的全球生物实验室计划的证据》
数百万学生就读学校位于有毒污染场地 5 公里内
9 hours 48 minutes ago
根据智库 Centre for Global Development 的地理分析,数百万儿童就读的学校附近存在已知的铅、汞、砷和杀虫剂等有毒污染。研究发现,亚洲、非洲和拉丁美洲 17 个国家的逾 25.2 万所学校位于有毒污染场地 5 公里范围内。这些学校有 4300 多万名儿童,其中 520 万名儿童位于 1 公里范围内。发达国家受污染影响的负担不成比例的落在贫困学生和非白人学生身上,但在发展中国家污染集中在富裕人群居住的城市,城市学校的规模通常更大,因此学生也更多——以菲律宾为例,9% 的学校靠近污染场地,而这些学校的学生总数占到全国学生总数的 27%。分析还显示,私立学校比公立学校更有可能位于污染场地附近。加纳 41% 的私立学校靠近污染场地,而公立学校的这一比例仅为 18%。
New attack turned Microsoft 365 Copilot into 1-click data theft tool
9 hours 52 minutes ago
A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, OneDrive, or SharePoint account through a specially crafted URL. [...]
Bill Toulas
The Gentleman
9 hours 56 minutes ago
You must login to view this content
cohenido
The Gentleman
9 hours 56 minutes ago
You must login to view this content
cohenido
China-Nexus Hackers Use Backdoored PAM Modules for Credential Theft and Authentication Bypass
10 hours 10 minutes ago
A sophisticated China-linked threat actor known as Velvet Ant has been running a long-term cyber intrusion inside a major organization’s internal network, going undetected for nearly a decade. The campaign, now called Operation Highland, revealed a level of patience and technical depth rarely seen in publicly documented intrusions. What made this attack particularly alarming was […]
The post China-Nexus Hackers Use Backdoored PAM Modules for Credential Theft and Authentication Bypass appeared first on Cyber Security News.
Tushar Subhra Dutta