Aggregator
【安全圈】黑客滥用 Microsoft VSCode 远程隧道绕过安全工具
10 months 3 weeks ago
【安全圈】黑客声称惠普企业遭入侵,列出待售数据
10 months 3 weeks ago
【安全圈】宁波某化工企业被境外势力获取危险源监控视频数据
10 months 3 weeks ago
Former CIA Analyst Pleads Guilty to Sharing Top Secret Files
10 months 3 weeks ago
CIA analysts Asif William Rahman has pleaded guilty to sharing classified documents about an Israeli attack
CVE-2004-1958 | Epic Games Unreal Tournament 2003 2225 Win32 Manifest manifest.ini path traversal (EDB-24041 / XFDB-15942)
10 months 3 weeks ago
A vulnerability was found in Epic Games Unreal Tournament 2003 2225 Win32. It has been rated as problematic. Affected by this issue is some unknown functionality of the file manifest.ini of the component Manifest. The manipulation leads to path traversal.
This vulnerability is handled as CVE-2004-1958. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Handala
10 months 3 weeks ago
cohenido
How Many Rooms Should I Solve Per Day? Or Should I Focus More on Theory?
10 months 3 weeks ago
Hey everyone, I’m currently trying to balance my cybersecurity learning between sol
评论 | 请读懂用“反向驯化”对付算法背后的诉求
10 months 3 weeks ago
从正常商业逻辑来说,“回头客”本应享有消费优惠,但在“大数据杀熟”之下,老用户不仅享受不到优惠,甚至价格更高。“大数据杀熟”对相同商品或服务予以差别化定价,这是对消费者公平交易权的侵犯,是对民法典中公平原则、诚实信用原则的违反。
国际 | 日本强化“主动网络防御”能力
10 months 3 weeks ago
据日本共同社等媒体报道,2024年12月下旬以来,日本政府密集召开会议,拟修订相关法律,将多个行业纳入强化网络防御的范围。有评论人士认为,这是日本加速落实“主动网络防御”构想的重要举措,很可能成为日本网络领域政策的转折点。
国际 | 欧盟计划加强医疗保健行业网络安全
10 months 3 weeks ago
欧盟委员会15日公布一份保护卫生领域免遭网络攻击的行动计划,以期加强医疗保健行业网络安全。
专家观点 | 构建多元化的人工智能训练数据供给体系
10 months 3 weeks ago
数据作为数字时代的“新石油”,不仅是传统产业、新兴产业发展的重要支撑,同时也是人工智能科技创新的关键创新资源。
专家解读 | 蒋艳:促进数据标注能力提升,筑牢工业智能数据基础
10 months 3 weeks ago
《关于促进数据标注产业高质量发展的实施意见》的出台,开启了我国数据标注产业高质量发展的崭新阶段。《实施意见》为培育数据标注新业态新模式、筑牢人工智能创新根基提供了路径指引。
关注 | 中央网信办启动“清朗·2025年春节网络环境整治”专项行动
10 months 3 weeks ago
为了营造喜庆祥和的春节网络氛围,中央网信办决定即日起开展为期1个月的“清朗·2025年春节网络环境整治”专项行动。
全球视野 | 国际网安快讯(第46期)
10 months 3 weeks ago
点击文章,了解最前沿的国际网安资讯!
微软修复 Windows Server 系统上 Office 365 应用程序崩溃问题
10 months 3 weeks ago
安全客
Военный связист США раскрыл телефонные тайны Трампа и Харрис
10 months 3 weeks ago
Личные данные миллионов граждан под угрозой после кибератаки на операторов связи.
CVE-2020-18971 | PoDoFo 0.9.6 PdfDictionary.cpp stack-based overflow (Nessus ID 214391)
10 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in PoDoFo 0.9.6. Affected is an unknown function of the file src/base/PdfDictionary.cpp. The manipulation leads to stack-based buffer overflow.
This vulnerability is traded as CVE-2020-18971. The attack can only be initiated within the local network. There is no exploit available.
vuldb.com
CVE-2018-12983 | PoDoFo 0.9.6-rc1 PdfEncrypt.cpp ComputeEncryptionKey PDF File memory corruption (FEDORA-2020-2d80e03190 / Nessus ID 214391)
10 months 3 weeks ago
A vulnerability was found in PoDoFo 0.9.6-rc1. It has been declared as critical. Affected by this vulnerability is the function PdfEncryptMD5Base::ComputeEncryptionKey of the file PdfEncrypt.cpp. The manipulation as part of PDF File leads to memory corruption.
This vulnerability is known as CVE-2018-12983. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2018-20797 | PoDoFo 0.9.6 PdfMemoryManagement.cpp PoDoFo::podofo_calloc memory corruption (ID 34 / Nessus ID 214391)
10 months 3 weeks ago
A vulnerability was found in PoDoFo 0.9.6. It has been rated as problematic. This issue affects the function PoDoFo::podofo_calloc of the file base/PdfMemoryManagement.cpp. The manipulation leads to memory corruption.
The identification of this vulnerability is CVE-2018-20797. The attack may be initiated remotely. There is no exploit available.
vuldb.com