Aggregator

Apache Subversion中发现了一个关键的安全漏洞，CVE-2024-45720，该漏洞主要影响Windows平台。

A vulnerability has been found in Abtei-neuburg Stift Neuburg 1.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is known as CVE-2014-7566. Access to the local network is required for this attack. There is no exploit available.

国庆长假期间，一系列利用AI技术克隆小米公司创始人雷军声音的恶搞视频在社交媒体平台上迅速传播。这些视频在短时间 […]

新闻速览 •在办公环境中开启iPhone  镜像功能或存在严重的隐私和法律违规风险 •法国游戏公司育 […]

A vulnerability, which was classified as critical, was found in Gmt-editions Rando Noeux 1.0.0. Affected is an unknown function of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is traded as CVE-2014-7565. The attack needs to be initiated within the local network. There is no exploit available.

The frequency, sophistication, and impact of cyber-attacks on financial institutions have been rising. Given the economic system’s interconnected nature, disruptions in one institution can have cascading effects on the broader financial market, leading to systemic risks. Regulators have responded with increasingly stringent requirements. One of the most significant regulatory developments in this context is the European Union’s Digital Operational Resilience Act (DORA), which will come into force on January 17th, 2025. Dimitri Chichlo, CISO at … More →

The post DORA regulation’s nuts and bolts appeared first on Help Net Security.

Executive SummaryIn July 2024, researchers from Palo Alto Networks discovered a su

生活案例举例教你搞定难懂的Kerberos认证过程

2024御网杯Pwn方向全部题解

绕过铁waf的好手--浅谈多语言eval执行

Prototype Pollution一次探索

SnakeYaml反序列化原理分析和利用总结

CISCN刷题笔记分享

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-10-11, 20 days ago. The vendor is given until 2025-02-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Rocco Calvi (@TecR0c) with TecSecurity' was reported to the affected vendor on: 2024-10-11, 20 days ago. The vendor is given until 2025-02-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-10-11, 62 days ago. The vendor is given until 2025-02-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Vladislav Berghici of Trend Micro Research' was reported to the affected vendor on: 2024-10-11, 62 days ago. The vendor is given until 2025-02-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-10-11, 62 days ago. The vendor is given until 2025-02-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-10-11, 62 days ago. The vendor is given until 2025-02-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 8.8 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2024-10-11, 63 days ago. The vendor is given until 2025-02-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.