Aggregator

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11 | U.S. CISA adds Ivanti Cloud Services Appliance

最近登場し

A vulnerability has been found in ISC BIND up to 9.11.0-P1 and classified as problematic. This vulnerability affects unknown code of the component nxdomain-redirect Handler. The manipulation as part of Query leads to 7pk error. This vulnerability was named CVE-2016-9778. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

当星系发生碰撞与合并时，位于其中心的超大质量黑洞也最终会合并为一个更大的黑洞。几乎每个星系的中心都拥有一个超大质量黑洞。最近哈勃太空望远镜与钱德勒 X 射线天文台在一对正在合并的星系中心发

开源 BeOS 操作系统 Haiku 释出了 Haiku R1 的第五个 Beta 版本。主要变化包括：改进 UI 颜色管理、改进暗模式配色、改进 Tracker、VPN 连接支持 TUN

A vulnerability, which was classified as critical, was found in Joomla CMS up to 3.6.4. Affected is an unknown function of the file components/com_users/models/registration.php. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2016-9838. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Assyrian 2.2. It has been declared as critical. This vulnerability affects unknown code of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability was named CVE-2014-6764. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability has been found in MapServer up to 7.0.2 and classified as problematic. This vulnerability affects unknown code of the component OGR Driver. The manipulation leads to information disclosure (Connection). This vulnerability was named CVE-2016-9839. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Oracle Retail Returns Management 14.0/14.1 and classified as critical. This vulnerability affects unknown code of the component Security. The manipulation leads to path traversal. This vulnerability was named CVE-2016-9878. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. [...]

A vulnerability was found in BitsCast 0.13.0. It has been classified as critical. Affected is an unknown function. The manipulation leads to denial of service. This vulnerability is traded as CVE-2007-2726. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in secondfiction Codename Birdgame 1. It has been classified as critical. This affects an unknown part of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2014-6763. The attack can only be done within the local network. There is no exploit available.

彭博社报道了一个相关性现象：在线约会应用的流行与贫富差距的扩大。报道援引研究称，随着在线约会应用的兴起，美国人越来越多的与和自己相似的人结婚，1980-2020 年之间家庭收入不平等的增加

Насколько иррациональные числа важны для эволюции.

A vulnerability was found in Linksys BEFSR41 1.40.2/1.41/1.42.3/1.42.7 and classified as problematic. This issue affects some unknown processing of the file Gozila.cgi of the component Remote Management. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2002-1236. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.