Aggregator

A vulnerability was found in ShopLentor Plugin up to 2.9.8 on WordPress. It has been classified as problematic. Affected is an unknown function of the component FAQ Widget Elementor Template. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-9538. It is possible to launch the attack remotely. There is no exploit available.

中央网信办和教育部宣布部署开展“清朗·规范网络语言文字使用”专项行动。专项行动聚焦部分网站平台在热搜榜单、首页首屏、发现精选等重点环节呈现的语言文字不规范、不文明现象，重点整治歪曲音、形、义，编造网络黑话烂梗，滥用隐晦表达等突出问题。专项行动要求，各地网信、教育部门要强化协同联动...集中清理不规范、不文明网络语言文字相关信息...

A vulnerability was found in Salt up to 2015.8.3 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2016-1866. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in LHA. This vulnerability affects unknown code of the file header.c of the component Archive Handler. The manipulation leads to integer underflow. This vulnerability was named CVE-2016-1925. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

NHS England has issued an alert regarding a critical Veeam Backup & Replication vulnerability that is being actively exploited, potentially leading to remote code execution

De laatste eenheid van het Korps Mariniers in Bosnië-Herzegovina is terug. Circa 150 mariniers leverden in het land gedurende 1 jaar een bijdrage aan de EU-missie EUFOR Althea. Doel hiervan is de stabiliteit in de westelijke Balkan te bewaken. Roemeense militairen hebben die rol inmiddels overgenomen.

Что скрывает новая архитектура и как она изменит подход к хранению информации?

Casio now confirms it suffered a ransomware attack earlier this month, warning that the personal and confidential data of employees, job candidates, and some customers was also stolen. [...]

美国太空军罕见的披露，其神秘轨道飞行器 X-37B 将执行一系列机动。这架 X-37B 是在 2023 年 12 月 28 日搭乘 SpaceX 的 Falcon Heavy 火箭发射升空，是 X-37B 的第七次飞行，第一次是在 2010 年 4 月 22 日。美国太空军表示，X-37B 将执行大气煞车机动以改变其绕地球的轨道。大气煞车涉及多次穿越高层大气，利用大气阻力改变轨道的同时节省燃料。美国太空军表示，此举也旨在展示负责任的太空行动，大气煞车让飞行器能通过安全抛弃服务舱去改变轨道和遵守太空碎片缓解规定。太空军没有披露这一任务的预计持续时间。

FMR FAIL: Huge investment firm won’t say how it was hacked.

The post (In)Fidelity Admits Data Breach 8 Weeks Ago — 77K PII Lost appeared first on Security Boulevard.

Резервные копии компаний оказались под прицелом вымогателей.

A vulnerability, which was classified as problematic, has been found in Vyer 0.2.15/0.2.16/0.3.0. This issue affects some unknown processing. The manipulation leads to incorrect authorization. The identification of this vulnerability is CVE-2023-39363. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in MultiVendorX Product Catalog Enquiry for WooCommerce Plugin up to 5.0.5 on WordPress. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-25929. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in SonicWALL SMA1000 12.4.x. Affected is an unknown function. The manipulation leads to server-side request forgery. This vulnerability is traded as CVE-2024-45317. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in WP Ultimate Post Grid Plugin up to 3.9.3 on WordPress. Affected by this vulnerability is the function wpupg-Grid-with-filters of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-9051. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Tainacan Plugin up to 0.21.10 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-9221. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in FULL Cliente Plugin up to 3.1.22 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-9211. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Download Plugins and Themes in ZIP from Dashboard Plugin up to 1.9.1 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-9232. The attack may be initiated remotely. There is no exploit available.