Aggregator

看雪论坛作者ID：mb_qzwrkwda

vivo，将作为 SDC 2024 黄金合作伙伴盛大出席峰会

代码向左，分析向右。

卡巴斯基认为谷歌“过度解读”

速修复

A vulnerability has been found in Slocate 2.5/2.6 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument -c/-r leads to memory corruption. This vulnerability is known as CVE-2003-0056. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

GitLab issued updates for CE and EE to address multiple flaws, including a critical bug allowing CI/CD pipeline runs on unauthorized branches. GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE) to address multiple vulnerabilities, including a critical bug, tracked as CVE-2024-9164 (CVSS score of 9.6), allowing CI/CD pipeline runs on unauthorized […]

IPv6规模部署的需求日益紧迫，但保障网络层安全是重要基础。

A vulnerability classified as problematic has been found in project alumni up to 1.0.8. Affected is an unknown function. The manipulation of the argument year leads to cross site scripting. This vulnerability is traded as CVE-2007-6126. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in project alumni up to 1.0.8. Affected by this vulnerability is an unknown functionality of the file view.page.inc.php. The manipulation of the argument year leads to sql injection. This vulnerability is known as CVE-2007-6127. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Flor De Utopia WorkingOnWeb 2.0.1400. Affected by this issue is some unknown functionality of the file events.php. The manipulation of the argument idevent leads to sql injection. This vulnerability is handled as CVE-2007-6128. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Irola My-Time 3.5 and classified as critical. Affected by this issue is some unknown functionality of the file login.asp of the component Login. The manipulation leads to sql injection. This vulnerability is handled as CVE-2007-6217. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Amber Script 1.0. This affects an unknown part of the file show_content.php. The manipulation of the argument id leads to improper input validation. This vulnerability is uniquely identified as CVE-2007-6129. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as very critical, has been found in Apple QuickTime. Affected by this issue is some unknown functionality of the component RTSP Handler. The manipulation as part of Content-Type Header leads to memory corruption. This vulnerability is handled as CVE-2007-6166. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to disable the affected component.

A vulnerability was found in Mp3 ToolBox 1.0 Beta 5. It has been declared as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument skin_file leads to code injection. This vulnerability was named CVE-2007-6139. The attack can be initiated remotely. Furthermore, there is an exploit available.

10月9日，微软发布了2024年10月份的月度例行安全公告，修复了多款产品存在的117个安全漏洞

2024年10月10日，深瞳漏洞实验室监测到一则GitLab组件存在权限绕过漏洞的信息，漏洞编号：CVE-2024-9164，漏洞威胁等级：严重。

2024年10月10日，深瞳漏洞实验室监测到一则Mozilla-firefox组件存在代码执行漏洞的信息，漏洞编号：CVE-2024-9680，漏洞威胁等级：严重。