Aggregator

A vulnerability classified as problematic was found in Moodle 2.6.8/2.7.5/2.8.3. This vulnerability affects unknown code of the component Block Title Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2015-2269. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

新闻速览 国家密码管理局废止、宣布失效部分行政规范性文件 PayPal因安全措施不力被罚200万美元 华硕意外 […]

A vulnerability, which was classified as critical, has been found in YourFreeWorld Banner Management. This issue affects some unknown processing of the file trackads.php. The manipulation of the argument id leads to sql injection. The identification of this vulnerability is CVE-2010-4981. The attack may be initiated remotely. Furthermore, there is an exploit available.

Segnalo la mia presentazione "Aggiornamento legislativo 2025" (pdf, 2,2 MB): https://www.cesaregallo

A vulnerability has been found in Adobe Flash Player up to 25.0.0.148 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Advanced Video Coding Engine. The manipulation leads to memory corruption. This vulnerability is known as CVE-2017-3068. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

#balance-transfer目录泄露 #/etc/passwd权限提升 #SUID emergency权限提升

A vulnerability, which was classified as critical, has been found in Electronic Arts Battlefield 1942 1.2/1.3. Affected by this issue is some unknown functionality of the component Remote Console. The manipulation of the argument Username/Password leads to memory corruption. This vulnerability is handled as CVE-2003-1355. The attack may be launched remotely. Furthermore, there is an exploit available.

Following the news about Operation Destabilise, in which the UK’s National Crime Agency (NCA) disrup

A vulnerability has been found in Milw0rm Clone Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file related.php. The manipulation of the argument program leads to sql injection. This vulnerability is known as CVE-2015-4137. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Electrasoft FTP Client 9.49.1 on 32-bit. It has been classified as critical. This affects an unknown part of the component Server Banner Handler. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2003-1368. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

关键词网络攻击一个来自朝鲜的黑客组织正在使用一种名为RID劫持的技术，该技术可以欺骗Windows系统，使其将低权限账户视为具有管理员权限的账户。黑客使用了一个自定义的恶意文件和一个开源工具来进行劫持

关键词迎新年新年到，各位安全圈的朋友们：愿我们在新的一年里，守护安全无畏挑战，攻防之道更上一层；漏洞封堵尽善尽美，红蓝对抗再创佳绩；日志流转尽在掌控，威胁情报精准如神；代码零漏洞，系统零意外！祝大家在

关键词微软微软允许非特权用户在Entra ID中更新自己的用户主体名称 (UPN) ，这引发了对安全和管理监督的担忧。测试正式，普通用户可以通过Entra管理中心进入账户属性页面，直接编辑自己的UPN

A vulnerability, which was classified as problematic, was found in Zabbix up to 1.6.7. This affects the function zbx_get_next_field. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2009-4501. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Cannot GET /event/Ffjdl5QBW7f1uUFH3-RI

在人工智能蓬勃发展并融合到各行各业的当前，一种新型的威胁正悄然蔓延：隐形提示注入攻击。这种看不见的攻击手段，利 […]

A vulnerability, which was classified as problematic, has been found in Michal Marcinkowski Soldat game server up to 1.4.2. Affected by this issue is some unknown functionality. The manipulation leads to denial of service. This vulnerability is handled as CVE-2007-4531. The attack may be launched remotely. Furthermore, there is an exploit available.