Aggregator

CVE-2013-5672 | IndiaNIC Testimonial plugin 2.2 widget_template cross-site request forgery (Bug 123036 / EDB-28054)

9 months ago

A vulnerability, which was classified as critical, was found in IndiaNIC Testimonial plugin 2.2. This affects an unknown part. The manipulation of the argument widget_template leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2013-5672. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2024-46970 | JetBrains IntelliJ IDEA up to 2023.3.3 Project Name cross site scripting

Vuldb Updates

9 months ago

A vulnerability classified as problematic was found in JetBrains IntelliJ IDEA. Affected by this vulnerability is an unknown functionality of the component Project Name Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-46970. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-45833 | Mattermost Mobile Apps up to 2.18.0 Autocomplete protection mechanism

Vuldb Updates

9 months ago

A vulnerability has been found in Mattermost Mobile Apps up to 2.18.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Autocomplete Handler. The manipulation leads to protection mechanism failure. This vulnerability is known as CVE-2024-45833. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-34545 | Intel RAID Web Console software information disclosure (intel-sa-00926)

Vuldb Updates

9 months ago

A vulnerability was found in Intel RAID Web Console software. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-34545. The attack can only be done within the local network. There is no exploit available.

vuldb.com

CVE-2024-34153 | Intel RAID Web Console uncontrolled search path (intel-sa-00926)

Vuldb Updates

9 months ago

A vulnerability classified as critical was found in Intel RAID Web Console. Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. This vulnerability is known as CVE-2024-34153. It is possible to launch the attack on the local host. There is no exploit available.

vuldb.com

CVE-2024-45799 | rathena FluxCP up to 1.2 cross site scripting (GHSA-xvqv-25vf-88g4)

Vuldb Updates

9 months ago

A vulnerability was found in rathena FluxCP up to 1.2 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-45799. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-27876 | Apple macOS Archive race condition

Vuldb Updates

9 months ago

A vulnerability classified as problematic has been found in Apple macOS. Affected is an unknown function of the component Archive Handler. The manipulation leads to race condition. This vulnerability is traded as CVE-2024-27876. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-27876 | Apple visionOS Archive race condition

Vuldb Updates

9 months ago

A vulnerability classified as problematic was found in Apple visionOS. Affected by this vulnerability is an unknown functionality of the component Archive Handler. The manipulation leads to race condition. This vulnerability is known as CVE-2024-27876. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

2025-03-03: Three days of scans and probes and web traffic hitting my web server

Malware Traffic Analysis Net

9 months ago

Обиженный программист «заминировал» IT-системы энергетического гиганта

Securitylab.ru

9 months ago

«Аварийный выключатель» Дэвиса Лу обошёлся Eaton Corporation в сотни тысяч долларов.

越南填海工程深度分析：战略布局、军事化进程与东大面临的多维挑战

情报分析师

9 months ago

加拿大新总理马克·卡尼人物调研分析报告

情报分析师

9 months ago

图灵奖的获奖者们，担心成为 AI 界的「奥本海默」

极客公园

9 months ago

曾经 AI 奠基者，如今是「反 AI」先锋。

SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools

The Hackers News

9 months ago

A new mass malware campaign is infecting users with a cryptocurrency miner named SilentCryptoMiner by masquerading it as a tool designed to circumvent internet blocks and restrictions around online services. Russian cybersecurity company Kaspersky said the activity is part of a larger trend where cybercriminals are increasingly leveraging Windows Packet Divert (WPD) tools to distribute malware

The Hacker News

Trump Administration and the Russian Cyber Threat, Firefox Privacy Changes

Security Boulevard

9 months ago

In this episode, we discuss whether the Trump administration ordered the U.S. Cyber Command and CISA to stand down on the Russian cyber threat. We also touch on the Canadian tariff situation with insights from Scott Wright. Additionally, we discuss the recent changes to Firefox’s privacy policy and what it means for user data. ** […]

The post Trump Administration and the Russian Cyber Threat, Firefox Privacy Changes appeared first on Shared Security Podcast.

The post Trump Administration and the Russian Cyber Threat, Firefox Privacy Changes appeared first on Security Boulevard.

Tom Eston

Google 推出 Debian Linux Terminal App For Android

Solidot

9 months ago

Google 在 Android 平台推出了 Debian Linux 终端 App，这是它致力于将 Android 变成多用途桌面操作系统的努力的一部分。Debian Linux 终端 App 目前只支持运行 Android 15 的 Pixel 设备，未来会在下一代的 Android 16 版本中提供给所有高性能 Android 设备。对于 Pixel 设备，要使用终端 App 需要首先启用开发者模式（设置 → 关于本机 → 连续点击 Build 号七次），然后进入设置 → 系统→ 开发者选项 → Linux 开发环境。设备的应用抽屉内将会出现终端 App，第一次使用需要下载 500MB 左右的 Debian 系统。终端 App 的设置允许用户调整磁盘空间、设置网络的端口控制以及恢复虚拟机的存储分区等等。