MiniMax 登上戛纳,AI 与艺术的全球和解开始了?
守旧派戛纳,为什么开始积极拥抱新技术?
Aggregator
Void Dokkaebi Hackers Use Fake Job Interviews to Spread Malware via Code Repositories
3 weeks 2 days ago
A North Korea-linked hacking group known as Void Dokkaebi, also tracked as Famous Chollima, is running a campaign that tricks software developers into installing malware through fake job interviews. The group lures developers into cloning infected code repositories as part of a fabricated coding test, then turns their machines and projects into malware-spreading tools. The […]
The post Void Dokkaebi Hackers Use Fake Job Interviews to Spread Malware via Code Repositories appeared first on Cyber Security News.
Tushar Subhra Dutta
网络安全信息与动态周报2026年第16期(4月13日-4月19日)
3 weeks 2 days ago
分享一篇文章。
【漏洞通告】Apache ActiveMQ 远程代码执行漏洞(CVE-2026-40466)
3 weeks 2 days ago
2026年4月24日,深瞳漏洞实验室监测到一则Apache ActiveMQ组件存在代码执行漏洞的信息,漏洞编号:CVE-2026-40466,漏洞威胁等级:高危。
【漏洞通告】FortiSandbox目录遍历漏洞(CVE-2026-39813)
3 weeks 2 days ago
2026年4月23日,深瞳漏洞实验室监测到一则FortiSandbox组件存在目录遍历漏洞的信息,漏洞编号:CVE-2026-39813,漏洞威胁等级:高危。
【恶意文件通告】Xinference供应链投毒
3 weeks 2 days ago
近期,深信服千里目安全技术中心监测到一起围绕Xinference开源推理框架的PyPI供应链投毒事件。
Indirect prompt injection is taking hold in the wild
3 weeks 2 days ago
The open web is slowly but surely filling up with “traps” designed for LLM-powered AI agents. The technique, known as indirect prompt injection (IPI), involves hiding (more or less) covert instructions inside ordinary web pages, waiting for an AI agent to read them and carry out the author’s commands. The IPI attack kill chain (Source: Forcepoint) “Ignore previous instructions” In back-to-back reports published this week, Google and Forcepoint researchers laid out real-world evidence of these … More →
The post Indirect prompt injection is taking hold in the wild appeared first on Help Net Security.
Zeljka Zorz
INC
3 weeks 2 days ago
You must login to view this content
cohenido
Ransom House
3 weeks 2 days ago
You must login to view this content
cohenido
CVE-2006-5337 | Oracle Database Server 9.0.1.5 Core RDBMS privilege escalation (Nessus ID 56054 / BID-20588)
3 weeks 2 days ago
A vulnerability, which was classified as critical, was found in Oracle Database Server 9.0.1.5. Affected is an unknown function of the component Core RDBMS. The manipulation results in privilege escalation.
This vulnerability is known as CVE-2006-5337. It is possible to launch the attack remotely. Furthermore, an exploit is available.
It is best practice to apply a patch to resolve this issue.
vuldb.com
CVE-2006-5338 | Oracle Database Server 10.1.0.5 Core RDBMS sql injection (Nessus ID 56054 / BID-20588)
3 weeks 2 days ago
A vulnerability has been found in Oracle Database Server 10.1.0.5 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Core RDBMS. This manipulation causes sql injection.
This vulnerability is handled as CVE-2006-5338. The attack can be initiated remotely. Additionally, an exploit exists.
The presence of this vulnerability remains uncertain at this time.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2006-5339 | Oracle Database Server up to 8.1.7.3 relate privilege escalation (Nessus ID 56054 / ID 19211)
3 weeks 2 days ago
A vulnerability was found in Oracle Database Server up to 8.1.7.3 and classified as critical. Affected by this issue is the function Relate. Such manipulation leads to privilege escalation.
This vulnerability is uniquely identified as CVE-2006-5339. The attack can be launched remotely. Moreover, an exploit is present.
There are still doubts about whether this vulnerability truly exists.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2006-5340 | Oracle Database Server 8.1.7.4 sql injection (VU#869292 / Nessus ID 56054)
3 weeks 2 days ago
A vulnerability was found in Oracle Database Server 8.1.7.4. It has been classified as critical. This affects an unknown part. Performing a manipulation results in sql injection.
This vulnerability was named CVE-2006-5340. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com
CVE-2006-5341 | Oracle Database Server 9.2.0.7 sql injection (VU#318764 / Nessus ID 56054)
3 weeks 2 days ago
A vulnerability was found in Oracle Database Server 9.2.0.7. It has been declared as critical. This vulnerability affects unknown code. Executing a manipulation can lead to sql injection.
The identification of this vulnerability is CVE-2006-5341. The attack may be launched remotely. Furthermore, there is an exploit available.
The real existence of this vulnerability is still doubted at the moment.
A patch should be applied to remediate this issue.
vuldb.com
CVE-2006-5342 | Oracle Database Server 9.0.1.5 EXTENT_OF sql injection (Nessus ID 56054 / ID 19211)
3 weeks 2 days ago
A vulnerability was found in Oracle Database Server 9.0.1.5. It has been rated as critical. This issue affects the function EXTENT_OF. The manipulation leads to sql injection.
This vulnerability is referenced as CVE-2006-5342. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
It is still unclear if this vulnerability genuinely exists.
To fix this issue, it is recommended to deploy a patch.
vuldb.com
CVE-2006-5343 | Oracle Database Server 10.1.0.3 Scheduler privilege escalation (Nessus ID 56054 / ID 19211)
3 weeks 2 days ago
A vulnerability categorized as critical has been discovered in Oracle Database Server 10.1.0.3. Impacted is an unknown function of the component Scheduler. The manipulation results in privilege escalation.
This vulnerability is identified as CVE-2006-5343. The attack can be executed remotely. Additionally, an exploit exists.
It is advisable to implement a patch to correct this issue.
vuldb.com
CVE-2006-5344 | Oracle Database Server 8.1.7.4 sql injection (Nessus ID 56054 / ID 19211)
3 weeks 2 days ago
A vulnerability identified as critical has been detected in Oracle Database Server 8.1.7.4. The affected element is an unknown function. This manipulation causes sql injection.
This vulnerability is tracked as CVE-2006-5344. The attack is possible to be carried out remotely. Moreover, an exploit is present.
The existence of this vulnerability is still disputed at present.
Applying a patch is the recommended action to fix this issue.
vuldb.com
CVE-2006-5345 | Oracle Database Server up to 9.0.1.4 relate privilege escalation (Nessus ID 56054 / ID 19211)
3 weeks 2 days ago
A vulnerability labeled as critical has been found in Oracle Database Server up to 9.0.1.4. The impacted element is the function Relate. Such manipulation leads to privilege escalation.
This vulnerability is listed as CVE-2006-5345. The attack may be performed from remote. In addition, an exploit is available.
The affected component should be upgraded.
vuldb.com
CVE-2006-5346 | Oracle Collaboration Suite 9.2.0.7 Remote Code Execution (Nessus ID 17731 / SBV-12943)
3 weeks 2 days ago
A vulnerability marked as critical has been reported in Oracle Collaboration Suite 9.2.0.7. This affects an unknown function. Performing a manipulation results in Remote Code Execution.
This vulnerability is cataloged as CVE-2006-5346. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2006-5347 | Oracle HTTP Server 9.2.0.7 Remote Code Execution (Nessus ID 17731 / SBV-12944)
3 weeks 2 days ago
A vulnerability described as very critical has been identified in Oracle HTTP Server 9.2.0.7. This impacts an unknown function. Executing a manipulation can lead to Remote Code Execution.
This vulnerability is registered as CVE-2006-5347. It is possible to launch the attack remotely. Furthermore, an exploit is available.
Upgrading the affected component is recommended.
vuldb.com