Aggregator

A vulnerability was found in ARM Mali GPU Kernel Driver and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2021-29256. Access to the local network is required for this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in SolarView Compact 6.00 and classified as critical. Affected by this vulnerability is an unknown functionality of the file conf_mail.php. The manipulation leads to command injection. This vulnerability is known as CVE-2022-29303. Access to the local network is required for this attack. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Adobe Acrobat Reader up to 20.005.30514/20.005.30516/23.003.20284. Affected by this vulnerability is an unknown functionality. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2023-26369. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A cyberattack on Kuwait Health Ministry impacted hospitals in the country Pierluigi Paganini S

Election Security / CybercrimeU.S. federal prosecutors on Friday unsealed criminal charges against

Arch Linux 项目负责人 Levente Polyak 在邮件列表上宣布与 Valve 建立直接合作关系。Valve 将在两个方面支持 Arch Linux 项目：构建服务基础设施和安全签名 Enclave。这一消息并不令人惊讶或出人意料，由于 Steam Deck 掌机使用的发行版 SteamOS 是基于 Arch Linux，而 Steam Play/Proton 利用了 Wine 项目，Valve 资助了大量开源项目，与上游发行版更紧密合作富有意义。

A vulnerability classified as critical was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /shopping/admin/index.php of the component Admin Panel. The manipulation of the argument username leads to sql injection. This vulnerability was named CVE-2024-9326. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #414107 / VDB-278820

A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. This vulnerability is uniquely identified as CVE-2024-9325. It is possible to launch the attack on the local host. There is no exploit available. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.

A vulnerability was found in Intelbras InControl up to 2.21.57. It has been rated as critical. Affected by this issue is some unknown functionality of the file /v1/operador/ of the component Relatório de Operadores Page. The manipulation of the argument fields leads to code injection. This vulnerability is handled as CVE-2024-9324. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was informed early on 2024-07-19 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.

Submit #414058 / VDB-278830

Submit #385397 / VDB-278829

Submit #375614 / VDB-278828

内部备忘录显示，戴尔要求全球销售团队员工从 9 月 30 日起每周在办公室工作五天。此举旨在促进合作和技能开发。戴尔在备忘录中表示，现场代表必须每周五天而不是之前的三天与客户、合作伙伴讨论业务，或在办公室工作。无法进驻本地戴尔办公室的远程员工将继续在家办公。

A vulnerability was found in SourceCodester Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/action/add_staff.php. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-9323. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Supply Chain Management 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/edit_manufacturer.php. The manipulation of the argument id leads to sql injection. This vulnerability is traded as CVE-2024-9322. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Submit #413401 / VDB-278827

Submit #413337 / VDB-278826