Aggregator

A vulnerability classified as problematic was found in Mozilla Firefox up to 129.x. This vulnerability affects unknown code of the component Scheme Allocation Handler. The manipulation leads to improper authorization in handler for custom url scheme. This vulnerability was named CVE-2024-8383. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Withhive Kakao 2.11.1.0 and classified as critical. Affected by this issue is some unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-5852. The attack can only be initiated within the local network. There is no exploit available.

Oil and gas giant Halliburton has confirmed in a filing today to the Securities and Exchange Commission (SEC) that data was stolen in the recent attack linked to the RansomHub ransomware gang. [...]

A vulnerability has been found in Dark Summoner 1.03.39 and classified as critical. Affected by this vulnerability is an unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is known as CVE-2014-5851. The attack can only be done within the local network. There is no exploit available.

三大亮点抢先看！

Корпоративные клиенты в России столкнулись с новым ударом от корпорации.

A vulnerability was found in XOOPS John Mordo Jobs Module up to 2.4. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument cid leads to sql injection. This vulnerability is known as CVE-2007-2370. The attack can be launched remotely. Furthermore, there is an exploit available.

Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by sending a specially crafted cookie to the vulnerable devices. CVE-2024-7261 CVE-2024-7261 is an OS command injection vulnerability that stems from the improper neutralization of special elements in the parameter “host” in the CGI program of some AP and security … More →

The post Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261) appeared first on Help Net Security.

Is the network defendable? This serious question is often conveniently left unasked because the answer is uncomfortable. On June 3, 1983, the day before I graduated from high school, MGM released the movie “War Games”.  For those who never saw the movie, the plot is essentially a teenage hacker accidentally kicks off an AI computer..

The post Is the “Network” Defendable? appeared first on Security Boulevard.

A vulnerability, which was classified as critical, was found in Kaave Fali 1.5.1. Affected is an unknown function of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is traded as CVE-2014-5850. The attack needs to be approached within the local network. There is no exploit available.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

A vulnerability classified as very critical has been found in Gregory Kokanosky phpMyNewsletter 0.8 Beta 5. This affects an unknown part. The manipulation leads to Remote Code Execution. This vulnerability is uniquely identified as CVE-2007-2372. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Исследователи открывают новые горизонты в нейробиологии.

Live Webcast from Monaco will Explore the Extraordinary Opportunities in an Era of Explosive Innovation and Growth Cyber A.I. Group, Inc., a rapidly growing cybersecurity, artificial intelligence, and IT services firm, specializing in acquiring a diverse range of related service companies globally, announced today its inaugural international investor presentation set for September 12, 2024. The […]

The post Cyber A.I. Group Announces Global Presentation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, has been found in disney Maleficent Free Fall 1.2.0. This issue affects some unknown processing of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. The identification of this vulnerability is CVE-2014-5849. Access to the local network is required for this attack to succeed. There is no exploit available.

Apple закрыла доступ к образам macOS для тестирования безопасности.

A vulnerability classified as critical has been found in Yandex Browser for Desktop. This affects an unknown part. The manipulation leads to untrusted search path. This vulnerability is uniquely identified as CVE-2024-6473. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Symphony Fintech XTS Web Trader 2.0.0.1_P160. It has been rated as critical. Affected by this issue is some unknown functionality of the component Transaction Module. The manipulation leads to incorrect authorization. This vulnerability is handled as CVE-2024-45587. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Symphony Fintech XTS Web Trader and XTS Mobile Trader 2.0.0.1_P160. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Authentication Module. The manipulation leads to incorrect authorization. This vulnerability is known as CVE-2024-45586. The attack can be launched remotely. There is no exploit available.