A Threat Actor Claims to be Selling Loader Source Code
A Threat Actor Claims to be Selling Loader Source Code
Aggregator
CVE-2023-25733 | Mozilla Firefox up to 109 TaskbarPreviewCallback null pointer dereference (Bug 1808632)
9 months ago
A vulnerability has been found in Mozilla Firefox up to 109 and classified as problematic. Affected by this vulnerability is the function TaskbarPreviewCallback. The manipulation leads to null pointer dereference.
This vulnerability is known as CVE-2023-25733. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-25736 | Mozilla Firefox up to 109 GetTableSelectionMode Remote Code Execution (Bug 1811331)
9 months ago
A vulnerability was found in Mozilla Firefox up to 109 and classified as critical. Affected by this issue is the function GetTableSelectionMode. The manipulation leads to Remote Code Execution.
This vulnerability is handled as CVE-2023-25736. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2019-25136 | Mozilla Firefox up to 69 CSS Rule injection
9 months ago
A vulnerability has been found in Mozilla Firefox up to 69 and classified as critical. Affected by this vulnerability is an unknown functionality of the component CSS Rule Handler. The manipulation leads to injection.
This vulnerability is known as CVE-2019-25136. The attack can only be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-3315 | Team Concert Plugin up to 2.4.1 on Jenkins Controller File System permission
9 months ago
A vulnerability, which was classified as problematic, was found in Team Concert Plugin up to 2.4.1 on Jenkins. Affected is an unknown function of the component Controller File System Handler. The manipulation leads to permission issues.
This vulnerability is traded as CVE-2023-3315. The attack can only be done within the local network. There is no exploit available.
vuldb.com
CVE-2020-20067 | ebCMS 1.1.0 type unrestricted upload
9 months ago
A vulnerability, which was classified as critical, was found in ebCMS 1.1.0. Affected is an unknown function. The manipulation of the argument type leads to unrestricted upload.
This vulnerability is traded as CVE-2020-20067. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-26578 | Apache Answer up to 1.2.1 Registration race condition
9 months ago
A vulnerability, which was classified as problematic, was found in Apache Answer up to 1.2.1. Affected is an unknown function of the component Registration Handler. The manipulation leads to race condition.
This vulnerability is traded as CVE-2024-26578. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
网络安全信息与动态周报2024年第49期(12月2日-12月8日)
9 months ago
网络安全信息与动态周报2024年第49期(12月2日-12月8日)
微软补丁日安全通告 | 12月份
9 months ago
微软补丁日安全通告 | 12月份
【漏洞通告】Ivanti Cloud Services Application身份验证绕过漏洞(CVE-2024-11639)
9 months ago
【漏洞通告】Ivanti Cloud Services Application身份验证绕过漏洞(CVE-2024-11639)
大量用户吐槽,Microsoft 365 又大面积宕机
9 months ago
大量用户吐槽,Microsoft 365 又大面积宕机
中国上山遗址发现距今一万年的稻米酒
9 months ago
中国上山遗址发现距今一万年的稻米酒
Vulnerability impacting all versions of Cleo VLTrader, Harmony, and LexiCom software
9 months ago
Canadian Centre for Cyber Security
与业界共鸣!赛宁网安引领“实用型靶场”建设,呼吁用户导向
9 months ago
XCTF联赛小秘
金融行业如何做好安全建设?腾讯安全已给出标准模板
9 months ago
金融行业如何做好安全建设?腾讯安全已给出标准模板
详解如何通过SHA-256截断碰撞和命令注入,攻陷 OpenWrt 供应链
9 months ago
详解如何通过SHA-256截断碰撞和命令注入,攻陷 OpenWrt 供应链
微软十二月补丁星期二值得关注的漏洞
9 months ago
微软十二月补丁星期二值得关注的漏洞
Ivanti:注意这个CVSS 满分的认证绕过漏洞
9 months ago
Ivanti:注意这个CVSS 满分的认证绕过漏洞
中国的肥胖问题日益严重
9 months ago
中国的肥胖问题日益严重
利用断开的域管理员RDP会话提权
9 months ago
利用断开的域管理员RDP会话提权