Aggregator

流行减肥药 GLP-1RA 过去几年风靡世界，华盛顿大学团队分析了美国退伍军人事务部的数据，研究了 215970 名糖尿病患者使用 GLP-1RA 和 175 种健康结果的关系。与使用非

流行减肥药 GLP-1RA 过去几年风靡世界，华盛顿大学团队分析了美国退伍军人事务部的数据，研究了 215970 名糖尿病患者使用 GLP-1RA 和 175 种健康结果的关系。与使用非 GLP-1RA 抗高血糖药物的对照人群比较后发现，使用 GLP-1RA 的参与者发生凝血和心脏代谢疾病（如深静脉血栓、肺栓塞、中风、心脏骤停、心力衰竭和心肌梗死）的风险较低。他们还提出其他潜在有益效果，包括与较低的精神疾病、癫痫、细菌感染和肺炎风险等相关。同时他们也发现，使用 GLP-1RA 与胃肠道疾病（如恶心呕吐、憩室炎、胃炎和腹痛）以及低血压、晕厥和关节炎风险升高有关。他们强调，该发现是观察性的，不能表明因果关系，但这些发现有助于描述 GLP-1RA 的广泛健康影响。

A vulnerability classified as problematic has been found in needyamin image_gallery 1.0. This affects the function image_gallery of the file /view.php. The manipulation of the argument username leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-0721. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

Authors:(1) Mohammad Shushtari, Department of Mechanical and Mechatronics Engineering, University

Submit #482822 / VDB-293482

A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. It has been rated as problematic. Affected by this issue is the function removeExtraSlashes of the file /opt/MicroWorld/sbin/rtscanner of the component Folder Watch List Handler. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2025-0720. The attack needs to be approached locally. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #482812 / VDB-293481

A vulnerability was found in Apache Solr up to 9.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component FileSystemConfigSetService. The manipulation leads to improper authorization. This vulnerability is known as CVE-2025-24814. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in Apache Solr up to 9.7.0 on Windows. It has been classified as critical. Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is traded as CVE-2024-52012. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Submit #482371 / VDB-293480

A vulnerability has been found in Bfs.kilu Bigforum 4.5 and classified as critical. This vulnerability affects unknown code of the file profil.php. The manipulation of the argument id leads to sql injection. This vulnerability was named CVE-2010-0948. The attack can be initiated remotely. Furthermore, there is an exploit available.

登录 注册

在上月底举行的 38C3 混沌计算机俱乐部会议上，研究人员披露中欧地区的可更新能源设施使用未加密无线电信号接收命令向电网输送或切断电力。研究人员是在分析柏林路灯使用的无线电接收器时意外获得这一发现的，他们试图通过逆向工程无线电接收器去控制柏林全市的路灯去展示能从空中看到的特定模式，结果意外发现控制可更新能源设施的系统与控制路灯的系统相同。安装在路灯上的接收器也用于小型太阳能发电厂这一事实并不令他们感到惊讶，他们感到震惊的是其规模。研究人员估计，在特定条件下向发电设施发送一系列恶意信息足以摧毁整个欧洲电网。电网安全专家对此说法持怀疑态度。

A vulnerability was found in IBM Automation Decision Services 23.0.2 and classified as problematic. This issue affects some unknown processing. The manipulation leads to use of web browser cache containing sensitive information. The identification of this vulnerability is CVE-2024-31906. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in ays-pro Survey Maker Plugin up to 5.1.3.3 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation of the argument ays_sections[5][questions][8][title] leads to cross site scripting. This vulnerability was named CVE-2024-13505. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in codexpert WC Affiliate Plugin up to 2.4 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-12334. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in e4jvikwp VikBooking Hotel Booking Engine & PMS Plugin up to 1.7.2 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-11641. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in MVPThemes Zox News Plugin up to 3.16.0 on WordPress. Affected by this vulnerability is the function backup_options/restore_options. The manipulation leads to missing authorization. This vulnerability is known as CVE-2024-11936. The attack can be launched remotely. There is no exploit available.

INE Security, a leading global provider of cybersecurity training and certifications, today announced a new initiative designed to accelerate compliance with the Department of Defense’s (DoD) newly streamlined Cybersecurity Maturity Model Certification (CMMC) 2.0. This initiative aims to assist Defense Industry Base (DIB) contractors in swiftly adapting to the updated certification standards, which are critical […]

The post INE Security Alert: Expediting CMMC 2.0 Compliance appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.