Aggregator

01客户背景某证券股份有限公司（以下简称：D证券）成立于上个世纪九十年代，总部位于上海。作为一家综合性的上市证券公司，提供多种金融服务，包括证券经纪、投资银行、资产管理和研究咨询等。券商个人端业务涉及

Hello大家好呀，在上周五晚上，「豆包MarsCodeAI编程云课堂」专为编程小白准备了超级无敌霹雳零基础课程《从零开始理解AI编程》，收获了小伙伴们的一致好评，全网有万人进行观看～想要学习AI编程

近期，SafeBreach Labs的研究人员揭露了一种名为“Windows Downdate”的新型攻击技术，该技术能够操纵Windows 11系统在更新时降级关键系统组件，使部分漏洞修复补丁失效。

一进程的贴身行囊 - 信号信号抵达进行需要经过两个步骤，一是发送信号，而是接收信号。信号与进程组在Linux中进程的待处理的信号由task_struct结构体中的signal成员和pending成员进

GEEKCON 2024 上海站于10月24日在上海举行。今年GEEKCON 2024 上海站再设"深蓝洞察之特别披露"、"漏洞与利用 DAF 挑战赛"、"30+5 深度分享"、"AI与黑客挑战赛"和

在数字化时代，网络安全已经成为全球关注的焦点。随着互联网技术的飞速发展，网络空间的安全问题日益凸显，对个人隐私 […]

A vulnerability classified as problematic was found in Cisco TelePresence Management Suite. Affected by this vulnerability is an unknown functionality of the component Web-based Management Interface. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2023-20248. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Better Comments Plugin up to 1.5.5 on WordPress. This vulnerability affects unknown code of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-2402. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in angular-translate up to 2.19.1. Affected by this vulnerability is an unknown functionality of the component Key Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-33665. The attack can be launched remotely. There is no exploit available. The real existence of this vulnerability is still doubted at the moment.

A vulnerability classified as critical has been found in Linux Kernel up to 6.0. Affected is the function dasd_alias_get_start_dev of the component s390. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2022-48636. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.70/5.19.11/6.0. This vulnerability affects the function __qlt_24xx_handle_abts of the component qla2xxx. The manipulation leads to memory leak. This vulnerability was named CVE-2022-48650. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Logpoint up to 7.3.x. It has been rated as problematic. This issue affects some unknown processing of the component Shared Widgets. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-30176. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in ViewerJS 0.5.8. It has been rated as problematic. This issue affects some unknown processing of the component URL TAG Handler. The manipulation leads to open redirect. The identification of this vulnerability is CVE-2024-25676. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in HDF5 up to 1.14.3. Affected is the function H5Z__nbit_decompress_one_byte of the file H5Znbit.c. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2024-32615. Access to the local network is required for this attack. There is no exploit available.

A vulnerability was found in Nuki Bridge up to 1.8.0/1.9.1. It has been rated as critical. This issue affects some unknown processing of the component JTAG. The manipulation leads to missing authentication. The identification of this vulnerability is CVE-2022-32503. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oxygen XML Web Author and Content Fusion. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-25662. The attack can be launched remotely. There is no exploit available.

AuditForge AuditForge (PwnDoc fork) is a pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report. The main goal is to have more time to search...

The post auditforge: A pentest reporting application appeared first on Penetration Testing Tools.

What is Acra Acra helps you easily secure your databases in distributed, microservice-rich environments. It allows you to selectively encrypt sensitive records with strong multi-layer cryptography, detect potential intrusions and SQL injections and cryptographically compartmentalize...

The post Acra: database protection suite appeared first on Penetration Testing Tools.

Dr. Memory: the memory debugger Dr. Memory is a memory monitoring tool capable of identifying memory-related programming errors such as accesses of uninitialized memory, accesses to unaddressable memory (including outside of allocated heap units...

The post drmemory: Memory Debugger for Windows, Linux, Mac, and Android appeared first on Penetration Testing Tools.

NSFOCUS Showcases Two Groundbreaking Topics at SAS 2024: An In-Depth Analysis of the DarkCasino APT Group and the Evolution of New Botnets. SANTA CLARA, Calif., October 30, 2024 – The 17th Security Analyst Summit (SAS), a premier global event focused on cybersecurity, recently concluded in Bali, Indonesia, where NSFOCUS was invited to participate. As the […]

The post NSFOCUS Showcases Two Groundbreaking Topics at SAS 2024 appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Showcases Two Groundbreaking Topics at SAS 2024 appeared first on Security Boulevard.