Aggregator
【漏洞通告】MongoDB Mongoose搜索注入漏洞(CVE-2025-23061)
3 months ago
通告编号:NS-2025-00052025-01-21TAG:MongoDB Mongoose、搜索注入、CVE-2025-23061漏洞危害:攻击者利用此漏洞,可实现代码注入。 版本:1.01漏洞概
【漏洞通告】MongoDB Mongoose搜索注入漏洞(CVE-2025-23061)
3 months ago
近日,绿盟科技CERT监测到GitHub发布安全公告,Mongoose中修复了一个搜索注入漏洞(CVE-2025-23061)。CVSS评分9.0,请相关用户尽快采取措施进行防护。
Re @El_Haginho @_FriedrichMerz + Kickl + dem nächsten britischen Premier außerdem wird mit dem kommenden kanadischen Präsidenten Pierre Poilievre u...
3 months ago
Re @_FriedrichMerz “für uns ist das kein Grund zur Sorge“ Stellt euch mal vor, Trump würde ein Video aufnehmen, in dem er sagt „Friedrich Merz is...
3 months ago
OWASP Smart Contract Top 10 2025 Released – What’s new!
3 months ago
The Open Web Application Security Project (OWASP) has released its updated Smart Contract Top 10 for 2025, providing essential insights for developers and security teams in the rapidly evolving Web3 environment. This document outlines the most pressing vulnerabilities found in smart contracts, serving as a crucial resource for maintaining security and protecting against exploitation. OWASP’s new release […]
The post OWASP Smart Contract Top 10 2025 Released – What’s new! appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Divya
CVE-2010-2739 | Microsoft Windows Driver win32k.sys CreateDIBPalette memory corruption (Nessus ID 902256 / ID 90618)
3 months ago
A vulnerability classified as critical has been found in Microsoft Windows. Affected is the function CreateDIBPalette of the file win32k.sys of the component Driver. The manipulation leads to memory corruption.
This vulnerability is traded as CVE-2010-2739. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2010-2745 | Microsoft Media Player 9.x code injection (Issue 21 / MS10-082)
3 months ago
A vulnerability was found in Microsoft Media Player 9.x and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection.
The identification of this vulnerability is CVE-2010-2745. The attack may be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2010-2746 | Microsoft Windows Integer Truncation Common Control Library memory corruption (MS10-081 / EDB-15963)
3 months ago
A vulnerability classified as critical was found in Microsoft Windows. Affected by this vulnerability is an unknown functionality in the library Common Control Library of the component Integer Truncation Handler. The manipulation leads to memory corruption.
This vulnerability is known as CVE-2010-2746. The attack can be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2010-3399 | Mozilla Firefox up to 4.0 Random Number Generator js_InitRandom cryptographic issues (Bug 577512 / Nessus ID 63402)
3 months ago
A vulnerability has been found in Mozilla Firefox up to 4.0 and classified as problematic. This vulnerability affects the function js_InitRandom of the component Random Number Generator. The manipulation leads to cryptographic issues.
This vulnerability was named CVE-2010-3399. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2010-2771 | IBM solidDB up to 6.30.0044 solid.exe code injection (ID 118235 / BID-41653)
3 months ago
A vulnerability classified as very critical was found in IBM solidDB. Affected by this vulnerability is an unknown functionality of the file solid.exe. The manipulation leads to code injection.
This vulnerability is known as CVE-2010-2771. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Автомобиль-невидимка: как Китай скрывает слежку за военными объектами
3 months ago
Автономный транспорт проник в сердце военных объектов Филиппин.
Vulnerability Archeology: Stealing Passwords with IBM i Access Client Solutions
3 months ago
As part of our ongoing research of the IBM i platform we monitor news and updates rela
【行业动态】天空卫士香港峰会,引领AI数据安全新时代!
3 months ago
以中国创新元素 引领AI数据安全新时代
澳大利亚公司:相比往年网络保险采购率大幅上升
3 months ago
大洋洲地区的公司机构正在开始将网络保险视为其安全工具包的重要组成部分。
【行业动态】天空卫士香港峰会,引领AI数据安全新时代!
3 months ago
在新春佳节前夕,2025年1月15日,天空卫士在香港九龙香格里拉酒店隆重举办“以中国创新元素 引领AI数据安全新时代”为主题的交流会,为香港数字安全领域注入创新活力。天空卫士2022年进驻香港市场,短
澳大利亚公司:相比往年网络保险采购率大幅上升
3 months ago
环境异常 当前环境异常,完成验证后即可继续访问。 去验证
CVE-2010-2785 | KVIrc up to 4.0.2 Privilege Escalation (ID 4693 / EDB-34385)
3 months ago
A vulnerability was found in KVIrc up to 4.0.2. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to Privilege Escalation.
This vulnerability was named CVE-2010-2785. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2010-2790 | Zabbix up to 1.8.2 formatQuery cross site scripting (Nessus ID 48426 / ID 12393)
3 months ago
A vulnerability was found in Zabbix and classified as problematic. This issue affects the function formatQuery. The manipulation leads to cross site scripting.
The identification of this vulnerability is CVE-2010-2790. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2010-2827 | Cisco IOS 15.0 TCP Connection input validation (Nessus ID 49056 / ID 43190)
3 months ago
A vulnerability, which was classified as critical, was found in Cisco IOS 15.0. Affected is an unknown function of the component TCP Connection Handler. The manipulation leads to improper input validation.
This vulnerability is traded as CVE-2010-2827. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com