Aggregator

CVE-2018-20218 | Teracue ENC-400 up to 2.56 Login Form /usr/share/www/check.lp password command injection (EDB-46451)

Vuldb Updates
9 months 3 weeks ago
A vulnerability classified as critical was found in Teracue ENC-400 up to 2.56. Affected by this vulnerability is an unknown functionality of the file /usr/share/www/check.lp of the component Login Form. The manipulation of the argument password as part of Parameter leads to command injection. This vulnerability is known as CVE-2018-20218. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

喜迁新址,筑梦新程,乔迁庆典圆满完成,爱加密再启新篇

嘶吼
9 months 3 weeks ago

2024年9月20日,爱加密正式乔迁至龙旗大厦,爱加密CEO赵凯、人力资源总监朱婷,公司所在街道办事处经济工作专班负责人及龙旗大厦市场负责人出席乔迁庆典。花篮盛放,彩带飘扬,众多客户、行业专家为爱加密送上祝福,现场人声鼎沸,热闹非凡。

2024年爱加密对品牌进行全面升级并迁入新址,是爱加密步入新发展阶段的重要标志之一,是爱加密开启新征程的基础。

剪彩环节将本次庆典气氛推入高潮,爱加密CEO赵凯、人力资源总监朱婷,公司所在街道办事处经济工作专班负责人及龙旗大厦市场负责人出席剪彩仪式,手持金剪,为公司剪彩,共同见证爱加密迁入龙旗大厦的里程碑时刻。

在座谈会中,爱加密向所在街道办事处经济工作专班负责人及龙旗大厦市场负责人介绍了移动安全行业、网络安全现状,并基于爱加密大数据平台展示了移动安全态势。在场嘉宾就技术前沿趋势与反诈等网络安全具体应用场景深度畅谈。

在过去10余年间,爱加密作为移动安全行业领军者,见证移动安全行业从萌芽到蓬勃的发展历程,为移动安全行业贡献自己的力量。爱加密将紧跟国家战略,积极配合监管部门工作,践行产业报告,进一步为移动安全领域的发展贡献力量! 

爱加密

MC2 Data leak Exposes 100 million+ US Citizens Data

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
9 months 3 weeks ago

Researchers have uncovered a massive data breach at MC2 Data, a prominent background check firm. The breach has exposed sensitive information of over 100 million US citizens, raising serious concerns about data privacy and security. Background Check Firms Under Scrutiny MC2 Data is part of an industry that compiles and analyzes data from various public […]

The post MC2 Data leak Exposes 100 million+ US Citizens Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

国际工会联合会认为亚马逊、特斯拉和 Meta 有害于民主

Solidot
9 months 3 weeks ago
世界最大的跨国工会组织国际工会联合会(ITUC)将亚马逊、黑石集团、埃克森美孚、嘉能可、特斯拉、Meta 和先锋集团七家公司列入破坏民主的企业名单。ITUC 称大型跨国巨头开始利用其影响力影响全球事务,它们破坏工会,侵犯人权,垄断媒体和技术,加剧气候灾难,以及通过破坏民主去保护和扩大自身利润的方式尝试将公共服务私有化。ITUC 指出,这些企业通过游说、破坏民意,破坏现有或新的要求它们承担责任的全球政策。对更大企业权力的渴望,不可避免将企业利益与现代极右翼等反民主政治运动形成密切关系。右翼政客支持降税、削减工人工资、打击工会等政策肯定会让亚马逊、特斯拉和 Meta 等公司感到高兴。

Telegram Agrees to Share User Data With Authorities for Criminal Investigations

The Hackers News
9 months 3 weeks ago
In a major policy reversal, the popular messaging app Telegram has announced it will give users' IP addresses and phone numbers to authorities in response to valid legal requests in an attempt to rein in criminal activity on the platform. "We've made it clear that the IP addresses and phone numbers of those who violate our rules can be disclosed to relevant authorities in response to valid legal
The Hacker News

CVE-2024-8103 | WP Category Dropdown Plugin up to 1.8 on WordPress align cross site scripting

VulDB Recent Entries
9 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in WP Category Dropdown Plugin up to 1.8 on WordPress. This affects an unknown part. The manipulation of the argument align leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-8103. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2024-8917 | AnWP Football Leagues Plugin up to 0.16.7 on WordPress SVG File Upload cross site scripting

VulDB Recent Entries
9 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in AnWP Football Leagues Plugin up to 0.16.7 on WordPress. Affected by this issue is some unknown functionality of the component SVG File Upload Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-8917. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2024-8919 | Confetti Fall Animation Plugin up to 1.3.0 on WordPress Shortcode cross site scripting

VulDB Recent Entries
9 months 3 weeks ago
A vulnerability classified as problematic was found in Confetti Fall Animation Plugin up to 1.3.0 on WordPress. Affected by this vulnerability is an unknown functionality of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-8919. The attack can be launched remotely. There is no exploit available.
vuldb.com

CVE-2024-8267 | Radio Player Plugin up to 2.0.78 on WordPress Attribute align cross site scripting

VulDB Recent Entries
9 months 3 weeks ago
A vulnerability was found in Radio Player Plugin up to 2.0.78 on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Attribute Handler. The manipulation of the argument align leads to cross site scripting. This vulnerability was named CVE-2024-8267. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2024-39928 | Apache Linkis 1.3.x/1.4.x/1.5.x Spark EngineConn random values

VulDB Recent Entries
9 months 3 weeks ago
A vulnerability was found in Apache Linkis 1.3.x/1.4.x/1.5.x and classified as problematic. Affected by this issue is some unknown functionality of the component Spark EngineConn. The manipulation leads to insufficiently random values. This vulnerability is handled as CVE-2024-39928. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad