Aggregator

苹果紧急修复两个高危iOS漏洞，已被用于复杂攻击！

A vulnerability was found in Mozilla Firefox, Firefox ESR and Thunderbird. It has been rated as critical. This issue affects some unknown processing of the component Top-Level Await Handler. The manipulation leads to code injection. The identification of this vulnerability is CVE-2022-1802. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Mozilla Firefox, Firefox ESR and Thunderbird. Affected is an unknown function of the component Javascript Object Handler. The manipulation leads to code injection. This vulnerability is traded as CVE-2022-1529. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 91.9 and classified as problematic. Affected by this issue is some unknown functionality of the component Braille Space Handler. The manipulation leads to improper certificate validation. This vulnerability is handled as CVE-2022-1834. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Thunderbird up to 91.8. It has been classified as problematic. This affects an unknown part of the component Email Message Handler. The manipulation leads to an unknown weakness. This vulnerability is uniquely identified as CVE-2022-1520. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Mozilla Firefox up to 100 on iOS. Affected by this issue is some unknown functionality of the component Search Term Handler. The manipulation leads to sql injection. This vulnerability is handled as CVE-2022-1887. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

疑似某红队CS样本分析一

新闻速览 •加密聊天成破案关键：欧洲”云端行动”捣毁跨国毒品网络 •备受争议的4cha […]

本文内容摘自为安全牛最新发布的《智能化安全运营中心应用指南（2025年）》研究报告 当前，企业IT环境极其复杂 […]

微信首个 AI 助手上线：可与「元宝」在聊天框对话 抖音启动「外贸优品专项扶持计划」 谷歌发新工具，专治后台「捣乱」安卓应用

ABB Cylon Aspect 3.08.02 (deployStart.php) - Unauthenticated Command Execution

ABB Cylon Aspect 3.08.02 (ethernetUpdate.php) - Authenticated Path Traversal

Angular-Base64-Upload Library 0.1.21 - Unauthenticated Remote Code Execution (RCE)

Usermin 2.100 - Username Enumeration

Blood Bank & Donor Management System 2.4 - CSRF Improper Input Validation

compop.ca 3.5.3 - Arbitrary code Execution

AnyDesk 9.0.1 - Unquoted Service Path