Сможете ли вы убежать от Figure 03? Авторы показали реальную скорость своего нового робота
Повышенная манёвренность не оставляет шансов даже в замкнутых пространствах.
Aggregator
CVE-2023-49375 | JFinalCMS 5.0.0 update cross-site request forgery (EUVD-2023-3209)
1 month 1 week ago
A vulnerability identified as problematic has been detected in JFinalCMS 5.0.0. This vulnerability affects unknown code of the file /admin/friend_link/update. This manipulation causes cross-site request forgery.
This vulnerability is tracked as CVE-2023-49375. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com
CVE-2023-28399 | CONPROSYS HMI System up to 3.5.2 access control (EUVD-2023-32095)
1 month 1 week ago
A vulnerability marked as critical has been reported in CONPROSYS HMI System up to 3.5.2. This vulnerability affects unknown code. Performing manipulation results in improper access controls.
This vulnerability is cataloged as CVE-2023-28399. It is possible to initiate the attack remotely. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2023-28390 | ICOM SR-7100VN up to 1.21/1.38 os command injection (EUVD-2023-32086)
1 month 1 week ago
A vulnerability was found in ICOM SR-7100VN up to 1.21/1.38. It has been classified as critical. This impacts an unknown function. Performing manipulation results in os command injection.
This vulnerability is cataloged as CVE-2023-28390. The attack must originate from the local network. There is no exploit available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2023-28392 | Inaba Denki Sangyo AC-WAPU-300 os command injection (EUVD-2023-32088)
1 month 1 week ago
A vulnerability was found in Inaba Denki Sangyo AC-WAPU-300, AC-WAPU-300-P, AC-WAPUM-300 and AC-WAPUM-300-P. It has been declared as critical. Affected is an unknown function. Executing manipulation can lead to os command injection.
This vulnerability is registered as CVE-2023-28392. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
CVE-2023-28394 | Beekeeper Studio 3.2.0/3.6.6 cross site scripting (EUVD-2023-32090)
1 month 1 week ago
A vulnerability was found in Beekeeper Studio 3.2.0/3.6.6. It has been rated as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is documented as CVE-2023-28394. The attack can be initiated remotely. There is not any exploit available.
Upgrading the affected component is advised.
vuldb.com
【安全圈】React Server Components 远程代码执行漏洞
1 month 1 week ago
【安全圈】两大黑客案件被侦破
1 month 1 week ago
关键词黑客案件第一案:利用漏洞入侵系统,植入涉黄链接栾事件背景:⚠️ 吕某为牟取不法利益,自学黑客技术,利用漏
【安全圈】豆包手机助手被曝可直接问出银行余额
1 month 1 week ago
关键词信息安全近期,豆包手机助手未来的手机方向,真的朝着“手机助手AI化”的方向发展了。
最新《网络数据安全风险评估办法(征求意见稿)》要求重要数据每年评估,一般数据每3年查1次!
1 month 1 week ago
国家互联网信息办公室关于《网络数据安全风险评估办法(征求意见稿)》公开征求意见的通知
Researchers Hack Google’s Gemini CLI Through Prompt Injections in GitHub Actions
1 month 1 week ago
A critical vulnerability class dubbed “PromptPwnd,” affects AI agents integrated into GitHub Actions and GitLab CI/CD pipelines. This flaw allows attackers to inject malicious prompts via untrusted user inputs like issue titles or pull request bodies, tricking AI models into executing privileged commands that leak secrets or alter workflows. At least five Fortune 500 companies […]
The post Researchers Hack Google’s Gemini CLI Through Prompt Injections in GitHub Actions appeared first on Cyber Security News.
Guru Baran
«Люди станут рыбами, ИИ — в 10 000 раз умнее» Глава SoftBank предсказал будущее искусственного суперинтеллекта — но остался оптимистом
1 month 1 week ago
Пока одни эксперты предупреждают о возможном вымирании человечества, Масайоши Сон уверяет, что мы просто займем место рыб в аквариуме суперразумных машин.
Rhysida
1 month 1 week ago
You must login to view this content
cohenido
Миллионы кубитов против одной молекулы. Мечты о квантовой революции разбиваются о суровую реальность физики
1 month 1 week ago
Ученые развенчали мифы о скором прорыве.
Deepseek大模型安全应用开发:从提示词、Agent到RAG的完整实现
1 month 1 week ago
漏洞分析、脚本生成… 大语言模型如何助力网络安全?这门课告诉你答案!
从ANGR-CTF项目入手ANGR和符号执行技术
1 month 1 week ago
看雪论坛作者ID:S_i_d
Фатальное комбо: истребитель F-35A получит ракету, от которой невозможно увернуться
1 month 1 week ago
Американский стелс и передовые технологии Европы объединились, чтобы переписать правила воздушного боя.
CVE-2025-12191 | PDF Catalog for WooCommerce Plugin up to 1.1.18 on WordPress cross site scripting
1 month 1 week ago
A vulnerability was found in PDF Catalog for WooCommerce Plugin up to 1.1.18 on WordPress. It has been classified as problematic. This affects an unknown function. Performing manipulation results in cross site scripting.
This vulnerability was named CVE-2025-12191. The attack may be initiated remotely. There is no available exploit.
vuldb.com
CVE-2025-12128 | Hide Categories Or Products On Shop Page Plugin up to 1.0.7 on WordPress save_data_hcps cross-site request forgery
1 month 1 week ago
A vulnerability categorized as problematic has been discovered in Hide Categories Or Products On Shop Page Plugin up to 1.0.7 on WordPress. Affected by this vulnerability is the function save_data_hcps. The manipulation results in cross-site request forgery.
This vulnerability is identified as CVE-2025-12128. The attack can be executed remotely. There is not any exploit available.
vuldb.com
CVE-2025-13360 | Quantic Social Image Hover Plugin up to 1.0.8 on WordPress Setting cross-site request forgery
1 month 1 week ago
A vulnerability identified as problematic has been detected in Quantic Social Image Hover Plugin up to 1.0.8 on WordPress. Affected by this issue is some unknown functionality of the component Setting Handler. This manipulation causes cross-site request forgery.
This vulnerability is tracked as CVE-2025-13360. The attack is possible to be carried out remotely. No exploit exists.
vuldb.com