Aggregator

美国CISA报告称Contec CMS8000病人监护仪存在软件供应链后门

美国CISA报告称Contec CMS8000病人监护仪存在软件供应链后门

美国CISA报告称Contec CMS8000病人监护仪存在软件供应链后门

美国CISA报告称Contec CMS8000病人监护仪存在软件供应链后门

美国CISA报告称Contec CMS8000病人监护仪存在软件供应链后门

美国CISA报告称Contec CMS8000病人监护仪存在软件供应链后门

根据 Valve 公布的 2025 年 1 月 Steam 硬件和软件调查，Linux 份额比上个月下降 0.23% 至 2.06%，Windows 增加 0.45% 至 96.55%，其中 Windows 11 份额下降 1.50% 而即将停止支持的 Windows 10 增加 0.48% 至 42.87%，苹果 macOS 减少 0.21% 至 1.40%。简体中文用户数减少 0.77% 至 29.18%%，英语用户减少 8.17% 至 33.97%，除此之外只有日语和韩语用户略有增加。在整个 Steam 平台，英特尔处理器占 63.75%；AMD 处理器减少 2.54% 至 36.19%。因掌机 Steam Deck 的流行，最流行的 Linux 发行版是 Arch Linux，而 Steam Deck 运行的 SteamOS 是基于 Arch。

该漏洞是springboot2.6后CVE-2020-17510漏洞补丁失效导致的，本次修复可以让其重新生效

A vulnerability was found in ocPortal and classified as problematic. This issue affects some unknown processing of the file code_editor.php. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2012-1470. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

请求转发导致路径绕过。该漏洞的补丁需要额外配置才生效

A vulnerability was found in Linux-ha heartbeat 2.0.5 and classified as problematic. This issue affects some unknown processing of the file heartbeat.c of the component Shared Memory. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2006-3815. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Orange Web Server 2.1. It has been declared as problematic. This vulnerability affects unknown code of the component GET Request Handler. The manipulation leads to denial of service. This vulnerability was named CVE-2001-0647. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.