Aggregator

A vulnerability was found in Flexera RISC Platform. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to incorrect authorization. This vulnerability is handled as CVE-2021-41528. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

法国国有铁路公司 SNCF 对一名开扬声器打电话的乘客罚款 150 欧元。这位叫 David 的乘客告诉电视台 BFM，他在南特车站候车时与姐/妹通话，一名铁路公司的工作人员走过来要求他关闭手机扬声器，否则将会面临罚款。当他争辩时，他被处以 150 欧元的罚款。由于没有立即支付罚款，金额上升到了 200 欧元。David 表示计划聘请律师对此提出异议。SNCF 证实了此事，称原因是他打扰了其他乘客，表示如果他用扬声器播放音乐，情况也会相同。SNCF 要求乘客乘车时将手机调至静音或振动模式。如果确实要打电话，可以去车厢之间的连接处或去吧台车厢。如果乘客在火车上看电影或听播客或音乐，需要使用耳机。

A vulnerability was found in vllm up to 0.7.1. It has been declared as problematic. Affected by this vulnerability is the function hash. The manipulation of the argument constant leads to improper validation of integrity check value. This vulnerability is known as CVE-2025-25183. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Duitku Payment Gateway Plugin up to 2.11.4 on WordPress. This vulnerability affects the function check_duitku_response. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-0631. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in User Shortcodes Plus Plugin up to 2.0.2 on WordPress. This issue affects some unknown processing of the component Shortcode Handler. The manipulation leads to improper control of resource identifiers. The identification of this vulnerability is CVE-2023-6969. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Media Library Assistant Plugin up to 3.13 on WordPress. This issue affects some unknown processing of the component Shortcode Handler. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2024-2871. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical was found in Juniper Junos OS and Junos OS Evolved. Affected by this vulnerability is an unknown functionality of the component l2cpd. The manipulation leads to handling of exceptional conditions. This vulnerability is known as CVE-2024-30380. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Samsung Mobile Devices. Affected is an unknown function of the component Secure Folder. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2024-20856. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Samsung Mobile Devices. This affects an unknown part of the component DarManagerService. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2024-20864. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Samsung Mobile Devices and classified as problematic. This vulnerability affects unknown code of the component Multitasking Framework. The manipulation leads to improper access controls. This vulnerability was named CVE-2024-20855. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Samsung Mobile Devices. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component TelephonyUI. The manipulation leads to improper export of android application components. This vulnerability is known as CVE-2024-20860. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in JetBrains TeamCity and classified as very critical. Affected by this issue is some unknown functionality. The manipulation leads to authentication bypass using alternate channel. This vulnerability is handled as CVE-2024-36470. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in WooCommerce plugin up to 2.6.2 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality of the component Social Login Handler. The manipulation leads to code injection. This vulnerability is handled as CVE-2024-5871. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in WooCommerce plugin up to 2.6.2 on WordPress. This vulnerability affects unknown code of the component Email Verification Handler. The manipulation leads to insufficiently random values. This vulnerability was named CVE-2024-5868. The attack can be initiated remotely. There is no exploit available.

移动操作系统是否会走向三足鼎立

移动操作系统是否会走向三足鼎立

30 строк кода, которые могут спасти гигаватты энергии.

为了打击数字支付领域日益增多的欺诈行为，印度央行 RBI 宣布为该国银行推出专属域名.bank.in。RBI 行长 Sanjay Malhotra 在声明中表示，此举旨在增强居民对网银服务的信任，减少网络安全威胁和网络钓鱼等恶意活动。.bank.in 域名的唯一注册商将是 The Institute for Development and Research in Banking’ Technology (IDRBT) ，将从 2025 年 4 月起开放注册。RBI 还计划为金融领域的非银行实体设立一个专属域名 fin.in。