Aggregator
CNCERT:Microsoft发布2024年10月安全更新
9 months ago
利用上述漏洞,攻击者可以绕过安全功能限制,获取敏感信息,提升权限,执行远程代码,或发起拒绝服务攻击等。
广东省教育厅群发非法链接短信?官方称短信平台遭入侵
9 months ago
官方称已报案
Deepfakes可以愚弄加密货币交易所上的面部识别
9 months ago
安全客
13家热门Web大模型内容风险评测,短板竟然隐藏在这里!
9 months ago
知道创宇
火山引擎夺得AIM2024大赛超分质量评估赛道冠军
9 months ago
火山引擎多媒体实验室凭借基于大模型的画质评估算法获得冠军
“Lynx” 新勒索软件威胁行为者正在积极攻击美国和英国各行业的组织
9 months ago
安全客
纯血鸿蒙启动公测,爱加密鸿蒙加固平台发布,助力鸿蒙应用安全运营
9 months ago
爱加密
Mozilla 证实有人通过火狐浏览器漏洞主动攻击 Tor 浏览器
9 months ago
安全客
靶场首推厂商!赛宁网安实力入选IDC《中国网络安全软件技术发展路线图》
9 months ago
安全KER小助手
找份工作,就导致个人信息全曝光?数十万份简历遭遇泄露
9 months ago
error code: 521
CVE-2024-9821 | Bot for Telegram on WooCommerce Plugin up to 1.2.4 on WordPress Telegram Bot Token information disclosure
9 months ago
A vulnerability, which was classified as problematic, has been found in Bot for Telegram on WooCommerce Plugin up to 1.2.4 on WordPress. Affected by this issue is some unknown functionality of the component Telegram Bot Token Handler. The manipulation leads to information disclosure.
This vulnerability is handled as CVE-2024-9821. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-9860 | Bridge Core Plugin up to 3.3 on WordPress Demo Import authorization
9 months ago
A vulnerability, which was classified as critical, was found in Bridge Core Plugin up to 3.3 on WordPress. This affects an unknown part of the component Demo Import. The manipulation leads to missing authorization.
This vulnerability is uniquely identified as CVE-2024-9860. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-9187 | Read More by Adam Plugin up to 1.1.8 on WordPress Read More Button authorization
9 months ago
A vulnerability, which was classified as problematic, was found in Read More by Adam Plugin up to 1.1.8 on WordPress. This affects an unknown part of the component Read More Button Handler. The manipulation leads to missing authorization.
This vulnerability is uniquely identified as CVE-2024-9187. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-9824 | ImagePress Plugin up to 1.2.2 on WordPress authorization
9 months ago
A vulnerability was found in ImagePress Plugin up to 1.2.2 on WordPress. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authorization.
This vulnerability is known as CVE-2024-9824. The attack can be launched remotely. There is no exploit available.
vuldb.com
男子通过苹果 AI 的短信总结获悉分手的消息
9 months ago
纽约程序员 Nick Spreen 周三通过 iPhone 15 Pro AI 功能 Apple Intelligence 测试版提供的短信总结功能获悉了分手的消息。他在社交媒体上分享了这一消息,AI 总结了他女友发来的多条短信,宣布了分手的消息表示想要从公寓里拿回属于自己的物品。苹果是在今年 6 月宣布了 Apple Intelligence,目前正在进行公测。Spreen 在自己的 iPhone 手机上运行了测试版。它类似于一个精简版的 ChatGPT,通过读取用户收到的短信提供一个总结版本。
城市漫步指南:掠过七月的曼谷
9 months ago
Matrix 首页推荐 Matrix 是少数派的写作社区,我们主张分享真实的产品体验,有实用价值的经验与思考。我们会不定期挑选 Matrix 最优质的文章,展示来自用户的最真实的体验和观点。 文章代表
CVE-2024-9907 | QileCMS up to 1.1.3 Verification Code Forget.php sendEmail password recovery
9 months ago
A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability affects the function sendEmail of the file /qilecms/user/controller/Forget.php of the component Verification Code Handler. The manipulation leads to weak password recovery.
This vulnerability was named CVE-2024-9907. The attack can be initiated remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
Submit #418417: QileCMS ≤v1.1.3 Authorization Bypass [Accepted]
9 months ago
Submit #418417 / VDB-280234
glzjin
Submit #418112: Shanghai Top Thinking Information Technology Co. ThinkPHP Framework 6.1.4<=8.0.3 Arbitrary code execution [Duplicate]
9 months ago
Submit #418112 / VDB-276872
J1rrY