Aggregator

Cisco fixed tens of vulnerabilities, including an actively exploited one

Security Affairs
8 months 3 weeks ago
Cisco patched vulnerabilities in ASA, FMC, and FTD products, including one actively exploited in a large-scale brute-force attack campaign. Cisco addressed multiple vulnerabilities in Adaptive Security Appliance (ASA), Secure Firewall Management Center (FMC), and Firepower Threat Defense (FTD) products, including an actively exploited flaw tracked as CVE-2024-20481. The vulnerability CVE-2024-20481 (CVSS score of 5.8) is […]
Pierluigi Paganini

CVE-2024-10355 | SourceCodester Petrol Pump Management Software 1.0 /admin/invoice.php id sql injection

VulDB Recent Entries
8 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/invoice.php. The manipulation of the argument id leads to sql injection. This vulnerability is handled as CVE-2024-10355. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-10354 | SourceCodester Petrol Pump Management Software 1.0 /admin/print.php id sql injection

VulDB Recent Entries
8 months 3 weeks ago
A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/print.php. The manipulation of the argument id leads to sql injection. This vulnerability is known as CVE-2024-10354. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-10353 | SourceCodester Online Exam System 1.0 /admin-dashboard access control

VulDB Recent Entries
8 months 3 weeks ago
A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /admin-dashboard. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-10353. It is possible to launch the attack remotely. Furthermore, there is an exploit available. This affects a different product and is a different issue than CVE-2024-40480.
vuldb.com

JetBrains Rider 和 WebStorm 允许非商业用户免费使用

Solidot
8 months 3 weeks ago
捷克的软件开发商 JetBrains 宣布,用于.NET 开发、以及 Unity (C#) 和 Unreal Engine (C++)游戏开发的 IDE Rider 和 Web, JavaScript 和 TypeScript 的 IDE WebStorm 允许非商业用户免费使用。JetBrains 称,今年早些时候,IDE RustRover 和 Aqua 实施了一种新的许可模式,即面向非商业用途免费提供。现在这一模式扩展到 WebStorm 和 Rider。如果用户将这些 IDE 用于非商业用途,例如学习、开源项目开发、内容创建或业余爱好开发,那么现在可以免费使用这些 IDE。这项变动不涉及商业项目,它将继续实施现有的许可模式。其他 JetBrains IDE 也不受此更新的影响。它将根据效果判断是否可以推广带其它 IDE。

CVE-2024-10351 | Tenda RX9 Pro 22.03.02.20 POST Request /goform/setMacFilterCfg sub_424CE0 deviceList stack-based overflow

VulDB Recent Entries
8 months 3 weeks ago
A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub_424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2024-10351. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-10350 | code-projects Hospital Management System 1.0 /admin/add-doctor.php docname sql injection

VulDB Recent Entries
8 months 3 weeks ago
A vulnerability was found in code-projects Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add-doctor.php. The manipulation of the argument docname leads to sql injection. This vulnerability was named CVE-2024-10350. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad