Aggregator

Submit #611043 / VDB-316987

Понадобилось всего 56 лет и немного Нижнего Новгорода.

微软突然关闭其在线电影和电视商店，Windows 10/11 和 Xbox 用户无法再购买新内容或获得退款。已购买的内容仍可观看，但用户担忧未来可能失去访问权。

作者开发了一款名为“Cursed Tools”的在线工具集，旨在帮助用户快速处理Windows系统调查。该工具包含四个模块：事件日志分析器、Sigma规则测试平台、可执行文件查找器和事件ID指南。所有功能免费使用，注重隐私与安全，并寻求用户反馈以改进服务。

微软承认错误地将 Windows 11 防火墙问题标记为已修复，实际尚未解决。该问题生成事件 ID 2042 警告，不影响防火墙功能。微软已道歉，并计划在未来几周发布修复更新。

AI公司正在开发新的学习工具以颠覆教育市场。OpenAI推出ChatGPT的"Study Together"功能，提供互动教学和测验；Anthropic的Claude通过"Study Projects"帮助学生制定学习计划；Google测试"Guided Learning for Gemini"。这些工具虽不能取代真人教授，但能有效辅助学生学习，并可能改变在线教育格局。

AI companies could soon disrupt the education market with their new AI-based learning tools for students. [...]

一个开放的黑客社区，旨在帮助新手成长为资深人士。提供问答和学习资源，并邀请加入Discord群组交流。

LibreOffice 指责微软通过复杂文件格式限制文档兼容性并阻止用户迁移。微软的 OOXML 格式过于复杂且难以解析，而 LibreOffice 使用开放标准 ODF。这种做法被批评为技术封锁，并呼吁用户转向开源软件和 Linux 系统。

这篇文章介绍了多个科技领域的最新动态与趋势，包括用户体验研究、零售技术对比、AI在数据安全中的应用、Gemini CLI工具指南、加密货币法规变化以及天气雷达技术解析等内容。

Как Microsoft очищает репутацию и атмосферу одновременно.

A vulnerability was found in Growatt Cloud Service up to 20250712. It has been classified as critical. Affected is an unknown function of the component Plant Transfer Handler. The manipulation leads to incorrect authorization. This vulnerability is traded as CVE-2025-29757. It is possible to launch the attack remotely. There is no exploit available. This product is a managed service. This means that users are not able to maintain vulnerability countermeasures themselves.

A vulnerability was found in Portabilis i-Diario 1.5.0 and classified as problematic. This issue affects some unknown processing of the file /justificativas-de-falta. The manipulation of the argument Justificativa leads to cross site scripting. The identification of this vulnerability is CVE-2025-7872. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability has been found in Portabilis i-Diario 1.5.0 and classified as problematic. This vulnerability affects unknown code of the file /conteudos. The manipulation of the argument filter[by_description] leads to cross site scripting. This vulnerability was named CVE-2025-7871. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as problematic, was found in Portabilis i-Diario 1.5.0. This affects an unknown part of the component justificativas-de-falta Endpoint. The manipulation of the argument Anexo leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-7870. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file intranet/educar_turma_tipo_det.php?cod_turma_tipo=ID of the component Turma Module. The manipulation of the argument nm_tipo leads to cross site scripting. This vulnerability is handled as CVE-2025-7869. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as problematic was found in Portabilis i-Educar 2.9.0. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_calendario_dia_motivo_cad.php of the component Calendar Module. The manipulation of the argument Motivo leads to cross site scripting. This vulnerability is known as CVE-2025-7868. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as problematic has been found in Portabilis i-Educar 2.9.0. Affected is an unknown function of the file /intranet/agenda.php of the component Agenda Module. The manipulation of the argument novo_titulo leads to cross site scripting. This vulnerability is traded as CVE-2025-7867. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Portabilis i-Educar 2.9.0. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/educar_deficiencia_lst.php of the component Disabilities Module. The manipulation of the argument Deficiência ou Transtorno leads to cross site scripting. The identification of this vulnerability is CVE-2025-7866. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #610138 / VDB-316985