Aggregator

A vulnerability, which was classified as problematic, was found in Helix Core. Affected is the function commit. The manipulation leads to resource consumption. This vulnerability is traded as CVE-2023-45319. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in opentext Fortify ScanCentral DAST up to 23.1. It has been classified as very critical. This affects an unknown part. The manipulation leads to incorrect privilege assignment. This vulnerability is uniquely identified as CVE-2023-5913. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Helix Core. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to resource consumption. The identification of this vulnerability is CVE-2023-5759. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in node-chromedriver up to 119.0.0. This vulnerability affects unknown code of the component Setting Handler. The manipulation of the argument chromedriver.path leads to os command injection. This vulnerability was named CVE-2023-26156. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as very critical, has been found in AppsAnywhere Client up to 2.0.0. This issue affects some unknown processing. The manipulation leads to use of hard-coded cryptographic key . The identification of this vulnerability is CVE-2023-41137. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in AppsAnywhere Client up to 2.0.0 on macOS. Affected by this issue is some unknown functionality of the component Privileged Helper. The manipulation leads to sensitive information in resource not removed before reuse. This vulnerability is handled as CVE-2023-41138. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was suspected in LibTIFF. Further analysis revealed that this issues is a false-positive. Please take a look at the sources mentioned and consider not using this entry at all.

A vulnerability classified as critical has been found in CodeAvalanche Directory. This affects an unknown part. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2008-5898. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Илон Маск меняет курс в конфликте с бразильским правосудием.

Google 向 Android Open Source Project(AOSP)释出了 Android 15 源代码。Android 15 将在未来几周内推送给 Pixel 手机，未来几个月推送给三星、摩托罗拉、一加和小米等厂商的兼容手机。Android 15 的新特性包括：简化 passkey 的登陆，防盗检测，改进大屏幕设备的多任务处理，应用访问限制，增强了屏幕阅读器 TalkBack，集成 Gemini AI 用于图像的音频描述，Circle to Search 支持歌曲识别，使用 Android 设备加速度计探测地震活动，等等。

A group of hacktivist known as Head Mare took advantage of the recent CVE-2023-38831 WinRAR flaw in attacks against organizations in Russia and Belarus. Kaspersky researchers reported that a hacktivist group known as Head Mare exploited recently disclosed WinRAR flaw CVE-2023-38831 in attacks against organizations in Russia and Belarus. Head Mare has been active since at least 2023 exclusively targeting companies in Russia […]

A vulnerability was found in NetBSD. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument pseudocode leads to improper access controls. This vulnerability is handled as CVE-2009-2793. The attack needs to be approached locally. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in InoutMailingListManager 3.1. Affected is an unknown function. The manipulation leads to Remote Code Execution. This vulnerability is traded as CVE-2007-2002. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Aardvark-dns 1.12.0/1.12.1 and classified as problematic. This issue affects some unknown processing of the component TCP Query Handler. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2024-8418. The attack needs to be done within the local network. There is no exploit available.

Прокитайская манипулятивная кампания резко набрала обороты в преддверии выборов.

A vulnerability has been found in D-Link DI-8400 16.07.26A1 and classified as critical. This vulnerability affects the function upgrade_filter_asp. The manipulation leads to command injection. This vulnerability was named CVE-2024-44400. The attack can be initiated remotely. There is no exploit available.