Aggregator

Submit #436531 / VDB-282988

Submit #436526 / VDB-282921

网信办启动了为期 2 个月的“清朗·同城版块信息内容问题整治”专项行动。本次专项行动覆盖社交、短视频、直播、资讯、电商、搜索引擎、团购点评、婚恋交友、地图导航、旅游出行、本地生活、天气日历、运动健康等平台同城（本地）榜单、版块、栏目、频道，以及各类基于地理位置提供同城信息内容或服务的移动互联网应用程序，重点整治5类突出问题：一是散播网络戾气。二是制造网络谣言和虚假信息。三是呈现色情低俗信息。四是为同城违法活动引流。以婚恋交友、线下陪玩、旅游搭子、上门按摩、租赁服务等名义，在低俗图文、短视频等信息中嵌入地理位置标签，以“茶”等暗语或者不合理高价售卖特定商品，打着“高薪”“包吃住”等幌子发布虚假招聘信息，在账号信息、评论、弹幕、直播等环节发布社交账号、群组号、手机号、二维码等，诱导网民私聊或加入群组，为线下色情、诈骗等违法活动引流。五是提供网络水军服务。

A vulnerability classified as problematic has been found in TP-Link Tapo H100 IoT Smart Hub prior 1.5.22. This affects an unknown part. The manipulation leads to cleartext storage of sensitive information. This vulnerability is uniquely identified as CVE-2024-10523. It is possible to launch the attack on the physical device. There is no exploit available.

A vulnerability was found in BG-TEK Informatics Security Technologies CoslatV3 up to 3.1069. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to code injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is handled as CVE-2024-10035. An attack has to be approached locally. There is no exploit available.

A vulnerability was found in Brokerage Technology Solutions Wave 2.0 up to 1.1.6. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component API Endpoint. The manipulation leads to information exposure through error message. This vulnerability is known as CVE-2024-51560. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Brokerage Technology Solutions Wave 2.0 up to 1.1.6. It has been classified as problematic. Affected is an unknown function of the component API Endpoint. The manipulation of the argument user_id leads to authorization bypass. This vulnerability is traded as CVE-2024-51559. It is possible to launch the attack remotely. There is no exploit available.

软件介绍QOwnNotes是开源的记事本，具有 Markdown支持 和针对GNU / Linux，Mac OS X和Windows的待办事项列表管理器

A vulnerability was found in Brokerage Technology Solutions Aero and classified as very critical. This issue affects some unknown processing of the component API Endpoint. The manipulation leads to reliance on untrusted inputs in a security decision. The identification of this vulnerability is CVE-2024-51561. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Brokerage Technology Solutions Wave 2.0 up to 1.1.6 and classified as problematic. This vulnerability affects unknown code of the component API Response Handler. The manipulation of the argument user_id leads to risky cryptographic algorithm. This vulnerability was named CVE-2024-51556. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Brokerage Technology Solutions Wave 2.0 up to 1.1.6. This affects an unknown part of the component API Based Login. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability is uniquely identified as CVE-2024-51558. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Brokerage Technology Solutions Wave 2.0 up to 1.1.6. Affected by this issue is some unknown functionality of the component API Endpoint. The manipulation leads to improper control of interaction frequency. This vulnerability is handled as CVE-2024-51557. The attack may be launched remotely. There is no exploit available.

本篇文章的内容和观点主要来自国外一家情报机构在网络中的研讨会摘录以及地下情报工作人员的实际探查后的陈述总结。

GCC 14 系列将英特尔安腾（ia64）架构标记为弃用，预计 GCC 15 移除相关代码。然而事情发生了变化，GNU Compiler Collection 开发团队合并了柏林开发者 René Rebe 的补丁，重新恢复了对安腾架构的支持，GCC 将会继续支持安腾数年，开发者仍然可以为安腾系统构建应用。英特尔是在上世纪末推出了安腾（ia64）架构，它只支持 64 位，而 AMD 在同一时间推出的 x86-64 架构则兼容 32 位，最终 x86-64 赢得了市场，它也被称为 AMD64。英特尔已在 2021 年淘汰了安腾处理器产品。Linux kernel 6.7 已经移除了安腾相关代码。

A vulnerability, which was classified as critical, was found in Rianxosencabos CMS 0.9. This affects an unknown part. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2008-4244. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in AvailScript Article Script and classified as critical. This vulnerability affects unknown code of the file view.php. The manipulation leads to sql injection. This vulnerability was named CVE-2008-6037. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in 6rbScript 3.3. Affected is an unknown function of the file section.php. The manipulation leads to path traversal. This vulnerability is traded as CVE-2008-6453. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Phpicalendar up to 2.24. This affects an unknown part. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2008-5967. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in phpicalendar up to 2.24. This vulnerability affects unknown code of the file print.php. The manipulation of the argument cookie_language leads to path traversal. This vulnerability was named CVE-2008-5968. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in NetArtMedia Jobs Portal 1.3. It has been classified as critical. This affects an unknown part of the file index.php of the component Search Module. The manipulation of the argument news_id leads to sql injection. This vulnerability is uniquely identified as CVE-2008-6030. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.