Aggregator

扫码订阅《中国信息安全》邮发代号 2-786征订热线：010-82341063国家互联网信息办公室关于《人工智能生成合成内容标识办法（征求意见稿）》公开征求意见的通知为规范人工智能生成合成内容标识，

A vulnerability has been found in OpenJournal up to 2.0 5 and classified as critical. Affected by this vulnerability is an unknown functionality of the file oj.cgi. The manipulation of the argument uid with the input 0 leads to improper authentication. This vulnerability is known as CVE-2004-0261. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Adobe Photoshop. Affected by this vulnerability is an unknown functionality of the component JP2 File Parser. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2024-43760. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in South River MFT Server and Titan SFTP Server up to 2.0.25.2426. It has been declared as problematic. This vulnerability affects unknown code of the component Web UI. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-44685. The attack can be initiated remotely. There is no exploit available.

简介2023年下半年，一个名为"猎人国际"（Hunters International）的勒索软件团伙引起了广泛关注。这个团伙不仅在短时间内迅速崛起，成为十大最活跃的勒索软件团伙之一。原始谈判记录如下

Minipic是什么 Minipic是一款超快在线图片压缩 图片转换工具网站，可以帮用户将图像转换并压缩为 WebP、AVIF、PNG、JPEG 和 JPEGXL 等现代格式，工具操作介面简洁，...

A vulnerability was found in My T-Mobile. It has been classified as critical. This affects an unknown part of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2014-6733. The attack needs to be approached within the local network. There is no exploit available.

聚焦源代码安全，网罗国内外最新资讯！编译：代码卫士CISA 紧急提醒称，Ivanti Cloud Services Appliance (CSA) 中存在一个高危漏洞 (CVE-2024-8190)

error code: 521

南昌市网信办依法对某学校作出行政处罚。

南昌市网信办依法对某学校作出行政处罚。

A vulnerability, which was classified as critical, has been found in Adobe After Effects. Affected by this issue is some unknown functionality of the component AVI File Parser. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2024-39381. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe After Effects. It has been classified as problematic. Affected is an unknown function of the component AVI File Parser. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-39382. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.6.48/6.10.7 and classified as critical. This vulnerability affects the function btrfs_submit_chunk. The manipulation leads to use after free. This vulnerability was named CVE-2024-46687. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Westpac Mobile Banking 5.21 and classified as critical. Affected by this issue is some unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-6732. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability classified as critical was found in GitLab Community Edition and Enterprise Edition up to 17.1.6/17.2.4/17.3.1. Affected by this vulnerability is an unknown functionality. The manipulation of the argument glm_source leads to inefficient regular expression complexity. This vulnerability is known as CVE-2024-8124. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GitLab Enterprise Edition up to 17.1.6/17.2.4/17.3.1. It has been classified as critical. Affected is an unknown function of the component Cube Server Handler. The manipulation leads to command injection. This vulnerability is traded as CVE-2024-8640. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GitLab Enterprise Edition up to 17.1.6/17.2.4/17.3.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Maven Dependency Proxy URL Handler. The manipulation leads to server-side request forgery. This vulnerability is handled as CVE-2024-8635. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.