Aggregator

A vulnerability was found in Microsoft Internet Explorer up to 6.0. It has been classified as critical. Affected is an unknown function of the component Remote Data Services. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2002-1142. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Microsoft Word and Excel 98 and classified as problematic. This issue affects some unknown processing of the component Field Code Handler. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2002-1143. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Microsoft Virtual Machine up to 5.0.3805. This issue affects the function com.ms.osp.ospmrshl of the component XML Handler. The manipulation leads to improper privilege management. The identification of this vulnerability is CVE-2002-0865. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Microsoft Virtual Machine 5.0.3805. Affected is the function com.ms.jdbc.odbc.JdbcOdbc of the component Java Database Connectivity. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2002-0866. It is possible to launch the attack remotely. There is no exploit available.

剪映产品负责人张逍然离职；vivo 内部 MR 团队已达 500 人，原型机体验明年 9 月上线；英伟达计划 2025 上半年发布新一代人形机器人芯片 Jetson Thor

美团将在全国上线防疲劳机制12 月 30 日消息，美团骑手防疲劳机制已于今日在全国主要城市范围内启动上线工作。美团骑手收到的通知显示，跑单超过 8 小时会收到提醒，此后每隔一小时提醒一次；跑单 12

A vulnerability has been found in Martin Nagy bind-dyndb-ldap 0.1.0/0.2.0/1.0.0/1.1.0 and classified as problematic. This vulnerability affects the function dns_to_ldap_dn_escape of the component DNS Server. The manipulation leads to improper input validation. This vulnerability was named CVE-2012-3429. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Tom Braider Count Per Day up to 2.15.0 and classified as problematic. This issue affects some unknown processing of the file userperspan.php. The manipulation of the argument datemax leads to cross site scripting. The identification of this vulnerability is CVE-2012-3434. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Zabbix up to 1.8.14/2.0.1. Affected is an unknown function. The manipulation of the argument itemid leads to sql injection. This vulnerability is traded as CVE-2012-3435. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in ImageMagick 6.7.8-6 and classified as problematic. This issue affects the function Magick_png_malloc. The manipulation of the argument proper leads to denial of service. The identification of this vulnerability is CVE-2012-3437. The attack may be initiated remotely. There is no exploit available.

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

2024年度总结

安全分析与研究专注于全球恶意软件的分析与研究前言概述 除了做点安全研究，别的我好像什么都不会，注定一条道走到底时光荏苒，2024年已经接近尾声，又到了写年度总结的时候了，每年的年底笔者都会坚持写一个年

01阅读须知此文所节选自小报童《.NET 内网实战攻防》专栏，主要内容有.NET在各个内网渗透阶段与Windows系统交互的方式和技巧，对内网和后渗透感兴趣的朋友们可以订阅该电子报刊，解锁更多的报刊内

53某速ERP系统文件上传漏洞53.1 漏洞概述某速ERP管理系统File.ashx存在任意文件上传漏洞 POST /Api/File**.ashx?method=**Upload HTTP/1.1H

环境异常 当前环境异常，完成验证后即可继续访问。 去验证