Aggregator

CVE-2025-41668 | Phoenix Contact AXC F 1152 prior 2025.0.2 link following (VDE-2025-054)

VulDB Recent Entries
2 days 7 hours ago
A vulnerability has been found in Phoenix Contact AXC F 1152, AXC F 2152, AXC F 3152, BPC 9102S and RFC 4072S and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to link following. This vulnerability is known as CVE-2025-41668. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-41666 | Phoenix Contact AXC F 1152 prior 2025.0.2 link following (VDE-2025-054)

VulDB Recent Entries
2 days 7 hours ago
A vulnerability, which was classified as critical, was found in Phoenix Contact AXC F 1152, AXC F 2152, AXC F 3152, BPC 9102S and RFC 4072S. Affected is an unknown function. The manipulation leads to link following. This vulnerability is traded as CVE-2025-41666. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-24003 | Phoenix Contact CHARX SEC-3000 up to 1.6.5 MQTT Message buffer overflow (VDE-2025-014)

VulDB Recent Entries
2 days 7 hours ago
A vulnerability, which was classified as critical, has been found in Phoenix Contact CHARX SEC-3150, CHARX SEC-3100, CHARX SEC-3050 and CHARX SEC-3000 up to 1.6.5. This issue affects some unknown processing of the component MQTT Message Handler. The manipulation leads to buffer overflow. The identification of this vulnerability is CVE-2025-24003. The attack may be initiated remotely. There is no exploit available.
vuldb.com

CVE-2025-24002 | Phoenix Contact CHARX SEC-3000 up to 1.6.5 MQTT Message denial of service (VDE-2025-014)

VulDB Recent Entries
2 days 7 hours ago
A vulnerability classified as problematic was found in Phoenix Contact CHARX SEC-3150, CHARX SEC-3100, CHARX SEC-3050 and CHARX SEC-3000 up to 1.6.5. This vulnerability affects unknown code of the component MQTT Message Handler. The manipulation leads to denial of service. This vulnerability was named CVE-2025-24002. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2025-42956 | SAP SAP NetWeaver Application Server ABAP up to 816 cross site scripting

VulDB Recent Entries
2 days 7 hours ago
A vulnerability classified as problematic has been found in SAP SAP NetWeaver Application Server ABAP up to 816. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-42956. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

NASA 新视野号成功演示深空恒星导航技术

Solidot
2 days 7 hours ago
虽然太空船能藉由恒星辨识方位,但要准确掌握其离开地球多远、行经何处,通常仍需仰赖地面以电波进行精密追踪。NASA 新视野号(New Horizo​​ns)任务团队的成员利用这艘目前已距地球超过 88 亿公里的飞船,成功示范仅透过星野影像即可判定方向与位置的导航方法。随着太空船深入太空,从其所在位置所见的恒星位置会开始偏离地球所见的位置。一艘航行至银河系深处的太空船可藉由这种因视差效应产生的偏移,来定位自己相对于邻近恒星的位置。而新视野号已飞行至足够遥远的距离,得以首次真实示范星际导航的可行性。自 2006 年发射以来,新视野号飞越冥王星与柯伊伯带天体 Arrokoth,并将在未来十年间逐步脱离太阳系,进入星际空间。2020 年新视野号科学团队同时从地球与太空中观测并拍摄了邻近恒星比邻星(距离地球4.2光年)与沃夫359(距离7.86光年)周围的星野。这项实验生动呈现出新视野号从内太阳系飞往外太阳系时的视角变化。而针对 2020 年影像中两颗恒星精确位置的更进一步分析,新视野号团队成员及成功推算出新视野号相对于邻近恒星的三维空间位置,精度达约 660 万公里。

How Typing Rules and Type Soundness Work in Core and Fun Programming Languages

不安全
2 days 7 hours ago
文章探讨了编程语言从Fun到Core的翻译及其类型系统。Core引入了生产者、消费者和语句的概念,并通过不同的判断形式进行类型推断。数据与Codata类型的规则对偶,且程序通过Wf-Empty和Wf-Cons规则进行类型检查。文章还证明了Fun和Core的语言翻译保持可 typings 性,并通过进展和保存定理确保了类型安全性。

Detection Engineering: Practicing Detection-as-Code – Introduction – Part 1

不安全
2 days 7 hours ago
这篇文章介绍了检测工程(Detection Engineering)的基本概念和 Detection-as-Code 方法。通过 Detection Development Life Cycle (DDLC) 的六个阶段(需求收集、设计、开发、测试与部署、监控和持续测试),文章详细讲解了如何系统化地开发和管理威胁检测逻辑,并强调了 Detection-as-Code 在提升协作性、一致性、质量、效率和可扩展性方面的优势。这种方法适用于 MSSP 和内部 SOC 等场景。

Weekly Update 459

不安全
2 days 7 hours ago
作者在日本度假,在东京体验当地文化与美食,并计划前往京都。这是他第三次 decade 的第十次访问日本,对比了过去和现在的变化。

Managed ad