Aggregator

A vulnerability, which was classified as critical, was found in GitStack up to 2.3.10. This affects an unknown part of the file rest/user/. The manipulation of the argument username/password leads to improper input validation (User). This vulnerability is uniquely identified as CVE-2018-5955. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

本文是关于">Apache struts2 CVE-2013-2251是由于导致执行远程命令的影响而被高度利

Defining wire communications, and whether the wiretap statute makes it illegal to listen to a podcast or watch a movie online?

The post Is it Illegal to Listen to a Podcast or Watch a Movie Online? appeared first on Security Boulevard.

Облачные серверы смогут получать критические обновления без потери доступности.

爆火设计 Agent 背后的思考。

Screen 本地权限提升漏洞(CVE-2025-23395)

The FBI has warned about an ongoing smishing and vishing scheme using AI deepfakes to impersonate US officials

Here’s why CIOs must lead post-quantum cryptography adoption in 2025 to secure digital assets and future-proof organizations.

The post Preparing for the post-quantum era: a CIO’s guide to securing the future of encryption appeared first on CyberScoop.

根据发表在《Humanities and Social Sciences Communications》期刊上的一项研究，伊朗谢里夫理工大学的科学家报告，AI 无法预测股市。无论是基于长短期记忆网络（LSTM）还是深度神经网络 (DNN)的 AI 模型，它们对股市的预测结果都错得离谱。即使组合使用更先进的 CNN、LSTM、Transformer 模型，它们对于预测现实世界中喧嚣混乱的股票中也是举步维艰。研究人员使用了 12 只德黑兰证券交易所的股票数据。可能其他地方的交易所会有不同的结论。

A vulnerability classified as critical has been found in Oracle Communications Diameter Signaling Router 8.6.0.0. This affects an unknown part of the component Virtual Network Function Manager. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2023-1999. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in GnuTLS. It has been declared as critical. This vulnerability affects unknown code of the component key_share Extension. The manipulation leads to use after free. This vulnerability was named CVE-2021-20231. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in GnuTLS. It has been rated as critical. This issue affects the function client_send_params in the library lib/ext/pre_shared_key.c. The manipulation leads to use after free. The identification of this vulnerability is CVE-2021-20232. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in GnuTLS and classified as critical. This issue affects the function gnutls_pkcs7_verify of the component pkcs7 Signature Verification Handler. The manipulation leads to double free. The identification of this vulnerability is CVE-2022-2509. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in Oracle Communications Cloud Native Core Binding Support Function 22.2.0/22.2.2/22.3.1. Affected is an unknown function of the component Policy. The manipulation leads to denial of service. This vulnerability is traded as CVE-2022-2509. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in libwebp. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Image File Handler. The manipulation leads to memory corruption. This vulnerability is known as CVE-2023-1999. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in cryptography Package up to 3.3.1 on Python and classified as critical. Affected by this issue is some unknown functionality of the component Multi-GB Value Update Handler. The manipulation leads to integer overflow. This vulnerability is handled as CVE-2020-36242. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Communications Cloud Native Core Network Function Cloud Native Environment 1.10.0. It has been rated as very critical. This issue affects some unknown processing of the component OC-CNE. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2020-36242. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle MySQL Shell up to 8.0.31. It has been classified as very critical. This affects an unknown part of the component Core Client. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2020-36242. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Red Hat Enterprise Linux 7/8. It has been classified as critical. This affects an unknown part of the component PGP Signature Handler. The manipulation as part of Firmware leads to improper verification of cryptographic signature. This vulnerability is uniquely identified as CVE-2020-10759. An attack has to be approached locally. There is no exploit available.