Aggregator

A vulnerability, which was classified as critical, was found in Mozilla Firefox and Thunderbird 15. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2012-3982. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox and Thunderbird 15. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component DOMWindowUtils. The manipulation leads to improper access controls. This vulnerability is known as CVE-2012-3986. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox and Thunderbird 15. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper resource management. This vulnerability is handled as CVE-2012-3988. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

10月19日，阿里云「先知」灯塔系列城市沙龙第五站在浙江杭州圆满落地，本次沙龙由阿里云先知、浙江工商大学计算机科学与技术学院、浙江大学学生网络空间安全协会、杭州电子科技大学卓越学院、麦唐天问安全实验室

Attack Method Exploits RAG-based Tech to Manipulate AI System's Output
Researchers found an easy way to manipulate the responses of an artificial intelligence system that makes up the backend of tools such as Microsoft 365 Copilot, potentially compromising confidential information and exacerbating misinformation. Researchers called the attack "ConfusedPilot."

2023 Hacking Incident Affected 1.9 Million Patients, Employees
A Michigan-based dental practice with 250 centers across nine states has agreed to pay $2.7 million under a preliminary settlement of a proposed consolidated class action lawsuit centered on a 2023 hacking incident reported as affecting more than 1.9 million patients and employees.

US Cyber Defense Agency Says Election Is Secure Despite Intensifying Threats
The Cybersecurity and Infrastructure Security Agency is ramping up its warnings of potential election interference and influence campaigns in the lead up to the November vote. But voters can be assured their ballots are secure and will be counted as cast, the agency said.

Vulnerability Tool Detected Flaws in OpenAI and Nvidia APIs Used in GitHub Projects
Security researchers have developed an AI tool that can detect remote code flaws and arbitrary zero-day code in software. Protect AI applied the tool to nearly 10,000 GitHub projects and on CVSS data and uncovered local file inclusion, cross-site scripting and remote code flaws in APIs.

第11期全国体制内单位及相关专业单位开源情报能力提升培训班--开源尖兵实战训练营将于2024年11月3日在四川警察学院集结开训。

40+思维导图和流程图工具。

A vulnerability was found in Mozilla Firefox and Thunderbird 14 and classified as very critical. This issue affects the function nsRangeUpdater::SelAdjDeleteNode. The manipulation leads to improper resource management. The identification of this vulnerability is CVE-2012-3959. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox and Thunderbird 14. It has been classified as very critical. Affected is the function mozSpellChecker::SetCurrentDictionary. The manipulation leads to improper resource management. This vulnerability is traded as CVE-2012-3960. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox and Thunderbird 14. It has been declared as very critical. Affected by this vulnerability is the function RangeData::~RangeData. The manipulation leads to improper resource management. This vulnerability is known as CVE-2012-3961. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox and Thunderbird 14. It has been rated as very critical. Affected by this issue is the function js::gc::MapAllocToTraceKind. The manipulation leads to improper resource management. This vulnerability is handled as CVE-2012-3963. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical has been found in Mozilla Firefox and Thunderbird 14. This affects the function gfxTextRun::GetUserData. The manipulation leads to improper resource management. This vulnerability is uniquely identified as CVE-2012-3964. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical has been found in Mozilla Firefox and Thunderbird 14. Affected is the function nsBlockFrame::MarkLineDirty. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2012-3957. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical was found in Mozilla Firefox and Thunderbird 14. Affected by this vulnerability is the function nsHTMLEditRules::DeleteNonTableElements. The manipulation leads to improper resource management. This vulnerability is known as CVE-2012-3958. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Mozilla Firefox and Thunderbird 14 and classified as critical. This vulnerability affects unknown code of the component Text Runs. The manipulation leads to memory corruption. This vulnerability was named CVE-2012-3962. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox 14. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component BMP Height Header Handler. The manipulation as part of ICO Image File leads to memory corruption. This vulnerability is known as CVE-2012-3966. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.