Aggregator

The International Defence Esports Games (IDEG) will help sharpen cyber and battlefield skills for allied soldiers

美军学者建议美国特种部队利用独特优势进行军事网络赋能

SaaS巨头Salesforce的第三方生态屡遭攻击，客户信赖频被破坏

Новый электрохимический метод показывает скрытые следы пальцев даже после сильного нагрева при выстреле.

研究公司 Alinea Analytics 估计，Valve 在 2025 年的年收入在 160-170 亿美元之间。而 Valve 大约有 350 名员工，意味着每名员工产生约 5000 万美元的收入。Valve 是一家私营公司，它无需公开披露收入等数据。它的员工数据还是因为诉讼而泄露的。Valve 为员工提供了丰厚的薪酬，根据泄露的数据，它在员工工资上花了近 4.5 亿美元，平均每位员工逾 130 万美元。

An SME’s guide to selecting and working with managed service providers.

上周关注度较高的产品安全漏洞(20251117-20251123)

国家信息安全漏洞共享平台（以下简称CNVD）本周共收集、整理信息安全漏洞572个，其中高危漏洞282个、中危漏洞262个、低危漏洞28个。

С 24 ноября по 5 декабря компания Пассворк проводит акцию в честь Чёрной пятницы — все версии коробочного решения для управления паролями будут доступны со скидкой 50%.

A vulnerability classified as critical has been found in Oracle MySQL Workbench 8.0.34 and prior. This impacts an unknown function of the component MySQL Workbench. Performing manipulation results in improper authentication. This vulnerability is identified as CVE-2023-2283. The attack can be initiated remotely. There is not any exploit available.

A vulnerability classified as critical has been found in webpack-dev-middleware up to 5.3.3/6.1.1/7.0.x. The impacted element is an unknown function. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2024-29180. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability labeled as problematic has been found in FDUPES up to 2.1.x. This issue affects some unknown processing of the component Symlink Handler. Executing manipulation can lead to race condition. This vulnerability is registered as CVE-2022-48682. The attack needs to be launched locally. No exploit is available. The affected component should be upgraded.

A vulnerability labeled as critical has been found in Oracle Communications Cloud Native Core Network Repository Function 23.3.1. This affects an unknown part of the component Install/Upgrade. Executing manipulation can lead to improper authentication. The identification of this vulnerability is CVE-2023-2283. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Oracle MySQL Cluster 8.0.34 and prior/8.1.0 and classified as critical. Affected is an unknown function. The manipulation leads to improper authentication. This vulnerability is documented as CVE-2023-2283. The attack can be initiated remotely. There is not any exploit available.

A vulnerability identified as critical has been detected in Oracle Communications Network Analytics Data Director 23.2.0. The affected element is an unknown function of the component Platform. This manipulation causes improper authentication. This vulnerability is registered as CVE-2023-2283. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability identified as critical has been detected in Oracle Communications Cloud Native Core Console 23.3.1. Affected by this issue is some unknown functionality of the component Configuration. Performing manipulation results in improper authentication. This vulnerability was named CVE-2023-2283. The attack may be initiated remotely. There is no available exploit.

A vulnerability identified as critical has been detected in libssh. This affects the function pki_verify_data_signature. This manipulation of the argument rc causes improper access controls. This vulnerability is handled as CVE-2023-2283. The attack can only be done within the local network. There is not any exploit available.

A vulnerability categorized as critical has been discovered in Oracle Communications Cloud Native Core Binding Support Function up to 23.1.7/23.2.2. This affects an unknown part of the component Install/Upgrade. Executing manipulation can lead to improper authentication. This vulnerability is registered as CVE-2023-2283. It is possible to launch the attack remotely. No exploit is available.

A vulnerability marked as problematic has been reported in Mozilla Thunderbird up to 115.3.1. Affected by this issue is some unknown functionality of the component Bidirectional Character Handler. The manipulation leads to clickjacking. This vulnerability is listed as CVE-2023-5732. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.