Aggregator

CVE-2025-21377 | Microsoft Windows up to Server 2025 NTLM Hash file inclusion

10 months 4 weeks ago

A vulnerability was found in Microsoft Windows. It has been rated as problematic. Affected by this issue is some unknown functionality of the component NTLM Hash. The manipulation leads to file inclusion. This vulnerability is handled as CVE-2025-21377. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

CVE-2025-21419 | Microsoft Windows up to Server 2025 Setup Files Cleanup link following

Vuldb Updates

10 months 4 weeks ago

A vulnerability was found in Microsoft Windows. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Setup Files Cleanup. The manipulation leads to link following. This vulnerability is known as CVE-2025-21419. Attacking locally is a requirement. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

CVE-2025-21287 | Microsoft Windows up to Server 2025 Installer privileges management

Vuldb Updates

10 months 4 weeks ago

A vulnerability was found in Microsoft Windows. It has been classified as critical. Affected is an unknown function of the component Installer. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2025-21287. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

CVE-2024-20659 | Microsoft Windows up to Server 2022 23H2 Hyper-V input validation

Vuldb Updates

10 months 4 weeks ago

A vulnerability, which was classified as critical, has been found in Microsoft Windows up to Server 2022 23H2. Affected by this issue is some unknown functionality of the component Hyper-V. The manipulation leads to improper input validation. This vulnerability is handled as CVE-2024-20659. The attack needs to be approached within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

CVE-2014-5470 | Actual Analyzer up to 2014-08-29 ant os command injection (EDB-35549)

Vuldb Updates

10 months 4 weeks ago

A vulnerability has been found in Actual Analyzer up to 2014-08-29 and classified as critical. This vulnerability affects unknown code. The manipulation of the argument ant leads to os command injection. This vulnerability was named CVE-2014-5470. The attack can only be initiated within the local network. Furthermore, there is an exploit available.

vuldb.com

CVE-2024-7014 | Telegram App up to 10.14.4 on Android Video EvilVideo input validation

Vuldb Updates

10 months 4 weeks ago

A vulnerability, which was classified as critical, has been found in Telegram App up to 10.14.4 on Android. This issue affects some unknown processing of the component Video Handler. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2024-7014. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-43487 | Microsoft Windows up to Server 2019 Mark of the Web protection mechanism

Vuldb Updates

10 months 4 weeks ago

A vulnerability has been found in Microsoft Windows up to Server 2019 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Mark of the Web. The manipulation leads to protection mechanism failure. This vulnerability is known as CVE-2024-43487. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

点击查看→云众可信“网络安全靶场”如何守护关键基础设施安全！

嘶吼

10 months 4 weeks ago

云众可信“网络安全靶场平台”紧贴实战、注重效能，能够为客户提供全面系统的网络靶场建设规划和灵活可靠的产品与服务支撑，并且实现全系国产化适配，适用于各行业安全建设需求。目前，平台已成功应用于大型央企、科研院所等单位，并在政府、工业控制、金融、通信等关键行业表现出众，赢得了客户的高度信赖与一致好评。

接下来，让我们通过一组海报，深入了解云众可信“网络安全靶场平台”如何赋能关键基础设施行业，助力构建坚实的网络安全底座，开启数字化时代的网络安全新篇章。

云众可信“网络安全靶场平台”不仅能够满足开展“实战演练、测试验证、技术研究、试验鉴定、效能评估”等多样任务需求，还在培养实战型信息安全人才方面优势显著，助力客户从容应对复杂多变的安全挑战，全面提升网络安全防御能力，筑牢数字化转型的安全基石。

企业资讯

CVE-2025-0639 | GitLab Community Edition/Enterprise Edition up to 17.9.6/17.10.4/17.11.0 allocation of resources

VulDB Recent Entries

10 months 4 weeks ago

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 17.9.6/17.10.4/17.11.0 and classified as critical. This issue affects some unknown processing. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2025-0639. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-12244 | GitLab Enterprise Edition up to 17.9.6/17.10.4/17.11.0 Project authorization

VulDB Recent Entries

10 months 4 weeks ago

A vulnerability has been found in GitLab Enterprise Edition up to 17.9.6/17.10.4/17.11.0 and classified as problematic. This vulnerability affects unknown code of the component Project Handler. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-12244. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-35965 | Mattermost up to 9.11.10/10.4.2/10.5.0 UpdateRunTaskActions allocation of resources

VulDB Recent Entries

10 months 4 weeks ago

A vulnerability, which was classified as critical, was found in Mattermost up to 9.11.10/10.4.2/10.5.0. This affects the function UpdateRunTaskActions. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2025-35965. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

【活动报名】腾讯安全沙龙第3期（成都站）诚邀大咖一起参加！

数世咨询

10 months 4 weeks ago

【活动报名】腾讯安全沙龙第3期（成都站）诚邀大咖一起参加！

RSAC 2025创新沙盒 | MIND：引领AI时代的数据安全革新者

数世咨询

10 months 4 weeks ago

RSAC 2025 创新沙盒 TOP10

别怪技术不够硬，网络钓鱼拿捏的就是“人性漏洞”

数世咨询

10 months 4 weeks ago

AI 写文案、深度伪造语音、锁定你最熟悉的品牌与同事——2025 年的网络钓鱼，比你想象得更“懂人性”。IBM 报告显示，钓鱼已成全球第二大数据泄露元凶，人均损失 476 万美元。问题不在技术，而在于人的注意力与情绪，被黑客精准利用。

腾讯云安全威胁情报专项场景发布：钓鱼欺诈篇

腾讯安全威胁情报中心

10 months 4 weeks ago

腾讯云安全威胁情报专项场景发布：钓鱼欺诈篇

腾讯安全威胁情报中心

10 months 4 weeks ago

Google Gemini 有 3.5 亿月活用户

Solidot

10 months 4 weeks ago

根据正在进行中的 Google 反垄断诉讼披露的内部数据，截至今年 3 月 Google 的 AI 聊天机器人 Gemini 全球有 3.5 亿月活跃用户。Gemini 去年 10 月的日活用户仅为 900 万，但今年 3 月已经增加到了 3500 万。根据法庭文件，Google 估计 ChatGPT 的月活用户为 6 亿。ChatGPT 是目前最受欢迎的 AI 聊天机器人。

The Human Advantage in the Age of Technological Uncertainties

Security Boulevard

10 months 4 weeks ago

Our excessive reliance on technology has disabled us from crossing the barriers to experience, sense, and relate with others the way we used to.

The post The Human Advantage in the Age of Technological Uncertainties appeared first on Security Boulevard.

Steve Durbin

Discord 准备 IPO，CEO 兼联合创始人辞职

Solidot

10 months 4 weeks ago

在玩家中非常受欢迎的社交服务 Discord 准备 IPO，但尚未宣布，它现在任命了一位新 CEO，表明它正朝着上市的目标继续推进。CEO 兼联合创始人 Jason Citron 辞职，但仍然会留在董事会，新 CEO 为前动视暴雪和 King 的高管 Humam Sakhnini。Citron 去年透露 Discord 有 870 名员工和逾 2 亿月活用户。Discord 的另一位联合创始人 Stanislav Vishnevskiy 将继续担 CTO。

CVE-2024-2637 | B&R Industrial Automation VC4 Files uncontrolled search path

Vuldb Updates

10 months 4 weeks ago

A vulnerability classified as critical was found in B&R Industrial Automation Scene Viewer, Automation Runtime, mapp Vision, mapp View, mapp Cockpit, mapp Safety and VC4. Affected by this vulnerability is an unknown functionality of the component Files Handler. The manipulation leads to uncontrolled search path. This vulnerability is known as CVE-2024-2637. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Aggregator

Managed ad