Aggregator

登录 注册

甲骨文以及包括微软在内的外部投资者正在谈判接手 TikTok 美国业务。根据正在协商的协议，TikTok 母公司字节跳动将会保留少数股权，但算法、数据收集和应用更新将由甲骨文负责，甲骨文已经为 TikTok 提供了网络基础设施。知情人士称，甲骨文和白宫官员周五就潜在交易举行了一次会议，另一次会议已安排在下周。知情人士称，甲骨文有兴趣收购价值数百亿美元的 TikTok 股份。根据针对 TikTok 的禁令，字节跳动必须剥离 TikTok 才能继续在美国运营，它不能秘密留下后门。

A vulnerability classified as problematic was found in Moodle 2.6.8/2.7.5/2.8.3. This vulnerability affects unknown code of the component Block Title Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2015-2269. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

新闻速览 国家密码管理局废止、宣布失效部分行政规范性文件 PayPal因安全措施不力被罚200万美元 华硕意外 […]

A vulnerability, which was classified as critical, has been found in Opera Web Browser up to 8.53. This issue affects some unknown processing. The manipulation leads to numeric error. The identification of this vulnerability is CVE-2006-1834. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in YourFreeWorld Banner Management. This issue affects some unknown processing of the file trackads.php. The manipulation of the argument id leads to sql injection. The identification of this vulnerability is CVE-2010-4981. The attack may be initiated remotely. Furthermore, there is an exploit available.

Segnalo la mia presentazione "Aggiornamento legislativo 2025" (pdf, 2,2 MB): https://www.cesaregallo

A vulnerability has been found in Adobe Flash Player up to 25.0.0.148 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Advanced Video Coding Engine. The manipulation leads to memory corruption. This vulnerability is known as CVE-2017-3068. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

#balance-transfer目录泄露 #/etc/passwd权限提升 #SUID emergency权限提升

A vulnerability, which was classified as critical, has been found in Electronic Arts Battlefield 1942 1.2/1.3. Affected by this issue is some unknown functionality of the component Remote Console. The manipulation of the argument Username/Password leads to memory corruption. This vulnerability is handled as CVE-2003-1355. The attack may be launched remotely. Furthermore, there is an exploit available.

Following the news about Operation Destabilise, in which the UK’s National Crime Agency (NCA) disrup

A vulnerability has been found in Milw0rm Clone Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file related.php. The manipulation of the argument program leads to sql injection. This vulnerability is known as CVE-2015-4137. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Electrasoft FTP Client 9.49.1 on 32-bit. It has been classified as critical. This affects an unknown part of the component Server Banner Handler. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2003-1368. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

关键词网络攻击一个来自朝鲜的黑客组织正在使用一种名为RID劫持的技术，该技术可以欺骗Windows系统，使其将低权限账户视为具有管理员权限的账户。黑客使用了一个自定义的恶意文件和一个开源工具来进行劫持

关键词迎新年新年到，各位安全圈的朋友们：愿我们在新的一年里，守护安全无畏挑战，攻防之道更上一层；漏洞封堵尽善尽美，红蓝对抗再创佳绩；日志流转尽在掌控，威胁情报精准如神；代码零漏洞，系统零意外！祝大家在

关键词微软微软允许非特权用户在Entra ID中更新自己的用户主体名称 (UPN) ，这引发了对安全和管理监督的担忧。测试正式，普通用户可以通过Entra管理中心进入账户属性页面，直接编辑自己的UPN

A vulnerability, which was classified as problematic, was found in Zabbix up to 1.6.7. This affects the function zbx_get_next_field. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2009-4501. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.