Aggregator

A vulnerability, which was classified as critical, has been found in iqonicdesign KiviCare Plugin up to 3.6.4 on WordPress. Affected by this issue is the function visit_type[service_id]. The manipulation leads to sql injection. This vulnerability is handled as CVE-2024-11728. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in Linux Kernel up to 4.19.324/6.11.10/6.12.1. Affected by this vulnerability is the function do_name of the file Documentation/driver-api/early-userspace/buffer-format.rst of the component initramfs. The manipulation leads to uninitialized pointer. This vulnerability is known as CVE-2024-53142. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 4.19.324/6.11.10/6.12.1. Affected is the function bitmap_ip_uadt of the component netfilter. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2024-53141. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in reputeinfosystems ARMember Plugin up to 4.0.51 on WordPress. It has been rated as critical. This issue affects the function do_shortcode of the component Shortcode Handler. The manipulation leads to code injection. The identification of this vulnerability is CVE-2024-10681. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in pencidesign Soledad Plugin up to 8.5.9 on WordPress. It has been declared as problematic. This vulnerability affects the function penci_archive_more_post_ajax_func/penci_more_post_ajax_func/penci_more_featured_post_ajax_func. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability was named CVE-2024-11289. The attack can be initiated remotely. There is no exploit available.

一切为了AI：苹果将在iPhone 18中放弃封装堆叠内存 改成芯片与内存分离式设计

2024年12月6日，深瞳漏洞实验室监测到一则Django组件存在SQL注入漏洞的信息，漏洞编号：CVE-2024-53908，漏洞威胁等级：高危。

How to start with Ethical hacking or hacking?

谷歌云端硬盘(Google Drive)现已支持PDF电子签名 发起请求签名后即可固化

2024年11月，中央网信办举报中心指导全国各级网信举报工作部门、主要网站平台受理网民举报色情、赌博、侵权、谣言等违法和不良信息1851.4万件，环比增长3.5%、同比增长2.1%。

Waymo近日在旧金山的无人驾驶出租车订单量已经超过了同时期的出租车订单。而在今年二季度，“萝卜快跑”成为中国社交媒体热门话题，中美围绕无人驾驶出租车的比拼悄然开启。为什么要发展无人驾驶出租车？如今中国发展无人驾驶出租车的障碍和优势在哪里？

根据2024年11月28日国家市场监督管理总局、国家标准化管理委员会发布的中华人民共和国国家标准公告（2024年第29号），全国网络安全标准化技术委员会归口的2项网络安全国家标准正式发布。

近日，国家信息安全漏洞库（CNNVD）收到关于SonicWall SMA100 安全漏洞（CNNVD-202412-487、CVE-2024-45318）情况的报送。

当前，全球新一轮科技革命和产业变革深入发展，互联网、物联网、大数据、人工智能等技术持续取得突破，推动数据更广范围、更深层次、更高质量共享流通和开发利用，深刻改变着生产方式、生活方式和社会治理方式，成为推动经济社会高质量发展的关键动力。

近日，随着习近平主席在亚太经合组织第三十一次领导人非正式会议上提出，《全球数据跨境流动合作倡议》在2024年世界互联网大会乌镇峰会期间对外发布，引起国内外广泛关注和讨论。

《中共中央办公厅 国务院办公厅关于推进新型城市基础设施建设打造韧性城市的意见》5日对外公布。

12月5日，在上海市委网信办的指导下，2024第三届北外滩网络安全论坛在上海市北外滩世界会客厅成功举办。

Extracting email from 2019 MS Exchange EDB Files

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, compiled to assist organizations in making informed decisions when procuring software (proprietary or open source), hardware (e.g., IoT devices), and cloud services (SaaS, MSP services). Digital supply chain threat environment (Source: Australian Cyber Security Centre) It’s aimed at senior executives, cybersecurity specialists, risk advisers, procurement professionals, as well as manufacturers of digital products and … More →

The post How to choose secure, verifiable technologies? appeared first on Help Net Security.