Aggregator

A vulnerability has been found in Chamilo LMS 1.11.26 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file group_topics.php. The manipulation of the argument content leads to cross site scripting. This vulnerability is known as CVE-2024-30618. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

从美国大选看网络安全

888 Has Allegedly Leaked the Data of Beautytap

A vulnerability, which was classified as problematic, was found in Agile-Board 1.0. Affected is an unknown function of the component Password Reset Token Handler. The manipulation of the argument Host leads to weak password recovery. This vulnerability is traded as CVE-2024-51329. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in 1C-Bitrix Bitrix24 23.300.100. This issue affects some unknown processing of the component DAV ServerSetting Handler. The manipulation leads to insufficiently protected credentials. The identification of this vulnerability is CVE-2024-34883. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in 1C-Bitrix Bitrix24 23.300.100. This vulnerability affects unknown code of the component DAV Server Setting Handler. The manipulation leads to insufficiently protected credentials. This vulnerability was named CVE-2024-34891. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in 1C-Bitrix Bitrix24 23.300.100. This affects an unknown part of the component SMTP Server Setting Handler. The manipulation leads to insufficiently protected credentials. This vulnerability is uniquely identified as CVE-2024-34885. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in 1C-Bitrix Bitrix24 23.300.100. It has been rated as problematic. Affected by this issue is some unknown functionality of the component AD LDAP Server. The manipulation leads to insufficiently protected credentials. This vulnerability is handled as CVE-2024-34887. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in 1C-Bitrix Bitrix24 23.300.100. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component SMTP Server Setting Handler. The manipulation leads to insufficiently protected credentials. This vulnerability is known as CVE-2024-34882. The attack can be launched remotely. There is no exploit available.

888 Has Allegedly Leaked the Data of LEOlytics

Nick Diesel Has Allegedly Leaked Data of Multiple US-Based Companies

888 Allegedly Leaked Data of Swenson Park Golf Course

近日，一起大规模的数据泄露事件震动了网络安全界。名为“HikkI-Chan”的黑客在臭名昭著的Breach Forums上泄露了超过3.9亿VK用户的个人信息。

​Microsoft has announced that Windows Server 2025, the latest version of its server operating system, is generally available starting Friday, November 1st. [...]

With new and increasing cyber threats abound, navigating global software regulations and staying informed and compliant can seem like an unending task. To help mitigate risks within the software applications organizations use every day, many are increasingly looking to the strategic adoption of software bills of materials (SBOMs) as an effective way to maintain compliance and better secure their software supply chain. An SBOM lists all packages and libraries in an application, including all components' dependencies. This enhanced visibility into what's in a piece of software makes it easier to identify vulnerabilities and license issues, as well as manage risk from open source components.

The post Securing your software supply chain with CISA’s new SBOM guidance appeared first on Security Boulevard.