Aggregator

青藤，让云更安全

提到了据称与伊朗存在关联的两个黑客组织

速修复

go语言批量指定指纹及漏洞识别工具

A vulnerability has been found in Mozilla Firefox, Firefox ESR and Thunderbird and classified as critical. This vulnerability affects unknown code of the component PDF Reader. The manipulation leads to permissive cross-domain policy with untrusted domains. This vulnerability was named CVE-2021-23953. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

G.O.S.S.I.P 专栏2024年10月投稿指南

A vulnerability classified as critical was found in Oracle Java SE 7u241/8u231/11.0.5/13.0.1. This vulnerability affects unknown code of the component Security. The manipulation leads to information disclosure. This vulnerability was named CVE-2020-2601. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in runc up to 1.0.0-rc94. This issue affects some unknown processing of the component Configuration Handler. The manipulation leads to pathname traversal. The identification of this vulnerability is CVE-2021-30465. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Thunderbird up to 78.6. Affected is an unknown function of the component STARTTLS Handler. The manipulation leads to missing encryption of sensitive data. This vulnerability is traded as CVE-2020-15685. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Java SE 7u241/8u231/11.0.5/13.0.1. It has been classified as problematic. This affects an unknown part of the component Security. The manipulation leads to an unknown weakness. This vulnerability is uniquely identified as CVE-2020-2590. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

2024年9月，中央网信办举报中心指导全国各级网信举报工作部门、主要网站平台受理网民举报色情、赌博、侵权、谣言等违法和不良信息1810.6万件，环比下降8.7%、同比下降3.3%。

一图读懂《关于加快公共数据资源开发利用的意见》。

随着数字化转型的不断深入，习近平总书记多次对数据资源发展提出重要指示，强调要“促进数据高效流通使用，赋能实体经济，统筹推进数据产权、流通交易、收益分配、安全治理，加快构建数据基础制度体系”。

近日，外交部公布《中国—东盟关于推动建立可持续和包容性的数字生态合作联合声明》。

近日，国家发展改革委、国家数据局、中央网信办、工业和信息化部、财政部、国家标准委联合印发《国家数据标准体系建设指南》，为数据标准化工作提供了基础指引，旨在充分发挥标准在激活数据要素潜能、做强做优做大数字经济等方面的引领性和规范性作用。

7月19日，美国网络安全公司“众击”更新了终端安全软件的内容配置，导致全球近千万台Windows系统出现蓝屏死机现象，20多个国家的交通等行业受到严重影响。该事件对我国数字化转型和网络安全能力建设具有正反两面的借鉴意义，值得我们深入思考。

分享行业的新趋势、新产品，探索合作新模式、新未来。

加强网络数据安全管理，促进AI、金融、工业和信息化等领域的安全规范。

10月18日，上海五角场凯悦酒店见！

A vulnerability classified as critical has been found in Eclipse OpenJ9 up to 0.20. This affects an unknown part of the file System.arraycopy. The manipulation as part of Return Value leads to type confusion. This vulnerability is uniquely identified as CVE-2019-17639. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.