Cyber Agility Mandate – Transforming InfoSec Programs to Meet Evolving Markets
Cyber Agility Mandate – Transforming InfoSec Programs to Meet Evolving Markets
Aggregator
蓝凌之前台低权限提权至后台RCE
8 months 1 week ago
蓝凌之前台低权限提权至后台RCE
索尼共生产了 160,636,885 台 PS2 游戏机
8 months 1 week ago
索尼共生产了 160,636,885 台 PS2 游戏机
All UPI IDs in India have Predictable Patterns that allow the disclosure of mail IDs
8 months 1 week ago
All UPI IDs in India have Predictable Patterns that allow the disclosure of mail IDs
All UPI IDs in India have Predictable Patterns that allow the disclosure of mail IDs
8 months 1 week ago
All UPI IDs in India have Predictable Patterns that allow the disclosure of mail IDs
How to Threat Model: A Guide to Effectively Mapping your Attack Surface
8 months 1 week ago
How to Threat Model: A Guide to Effectively Mapping your Attack Surface
Web Cache Poisoning: WWWWWH?
8 months 1 week ago
Web Cache Poisoning: WWWWWH?
Web Cache Poisoning: WWWWWH?
8 months 1 week ago
Web Cache Poisoning: WWWWWH?
TryHackme’s Advent of Cyber 2024 — Day 02 Writeup
8 months 1 week ago
TryHackme’s Advent of Cyber 2024 — Day 02 Writeup
From Hacktivism to Cyber Warfare: Understanding the Role of Ideology in Cyberattacks
8 months 1 week ago
From Hacktivism to Cyber Warfare: Understanding the Role of Ideology in Cyberattacks
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Wins
8 months 1 week ago
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Wins
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Wins
8 months 1 week ago
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Wins
读书摘录《黑天鹅:如何应对不可预知的未来》
8 months 1 week ago
读书摘录《黑天鹅:如何应对不可预知的未来》
Common Holiday Phishing Scams To Watch Out for This Season
8 months 1 week ago
Common Holiday Phishing Scams To Watch Out for This Season
Understanding of Voltage Fault Injection — Glitching Attack
8 months 1 week ago
Understanding of Voltage Fault Injection — Glitching Attack
You’re Not Paranoid: Your Devices Are Always Listening — and Here’s Why
8 months 1 week ago
You’re Not Paranoid: Your Devices Are Always Listening — and Here’s Why
懒猫微服简单体验评测:全能型家庭微服务器 但绝对不是NAS
8 months 1 week ago
懒猫微服简单体验评测:全能型家庭微服务器 但绝对不是NAS
CVE-2024-38859 | Checkmk up to 2.0.0p39/2.1.0p46/2.2.0p32/2.3.0p13 View Page cross site scripting
8 months 1 week ago
A vulnerability, which was classified as problematic, was found in Checkmk up to 2.0.0p39/2.1.0p46/2.2.0p32/2.3.0p13. Affected is an unknown function of the component View Page. The manipulation leads to basic cross site scripting.
This vulnerability is traded as CVE-2024-38859. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-11168 | Python CPython up to 3.11.3/3.12.0b0 URL Parser urllib.parse.urlsplit urllib.parse.urlsplit/urlparse server-side request forgery (ID 103848 / Nessus ID 211470)
8 months 1 week ago
A vulnerability was found in Python CPython up to 3.11.3/3.12.0b0. It has been declared as problematic. This vulnerability affects the function urllib.parse.urlsplit/urlparse in the library urllib.parse.urlsplit of the component URL Parser. The manipulation leads to server-side request forgery.
This vulnerability was named CVE-2024-11168. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-51164 | JEPaaS 7.2.8 Query insertBtnLog sql injection
8 months 1 week ago
A vulnerability, which was classified as critical, was found in JEPaaS 7.2.8. This affects an unknown part of the file /je/login/btnLog/insertBtnLog of the component Query Handler. The manipulation leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-51164. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com