Aggregator

German Law Enforcement Reportedly Deanonymized Tor User in 2021
The Tor Project on Wednesday reassured users that they will remain anonymous after media reported that German police successfully used Tor to trace the alleged administrator of a child pornography site. Tor users can continue to use the browser "securely" and the "Tor Network is healthy," it said.

本《实践指南》给出了敏感个人信息识别规则以及常见敏感个人信息类别和示例，可用于指导各组织识别敏感个人信息，也可为敏感个人信息处理和保护工作提供参考。

在 2023 年发布有关 ServiceNow 数据泄露的报告后，该公司推出了一项安全更新，引入了新的 ACL，以防止未经身份验证访问客户数据。

A vulnerability was found in ZyXEL P-660HW-T1 3. It has been declared as problematic. This vulnerability affects unknown code of the file /Forms/WLAN_General_1. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2014-4162. The attack can be initiated remotely. Furthermore, there is an exploit available. The real existence of this vulnerability is still doubted at the moment.

Rockwell Automationが提供する複数の製品には、データの信頼性確認が不十分な脆弱性が存在します。

MegaSys Computer Technologiesが提供するTelenium Online Web Applicationには、不適切な入力検証の脆弱性が存在します。

Kastle Systemsが提供するAccess Control Systemには、複数の脆弱性が存在します。

尽管这些监控行为为公司带来了丰厚的利润，但它们可能侵犯个人隐私，威胁个人自由，并使人们面临从身份盗窃到跟踪等一系列风险。

A vulnerability was found in Jamal Bates Show 1.3.14.254. It has been rated as critical. Affected by this issue is some unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-6865. The attack can only be initiated within the local network. There is no exploit available.

- Gleaming Pisces 通过 Python 软件包分发 Linux 和 MacOS 后门 - APT34 针对伊拉克政府网络部署恶意软件 - UNC2970 使用木马化 PDF 阅读器部署后门

尽个人事，碎嘴一下，别做黑产

A vulnerability has been found in Apple iOS up to 10.1.1 and classified as critical. This vulnerability affects unknown code of the component FontParser. The manipulation leads to memory corruption. This vulnerability was named CVE-2016-4688. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.10.7. This issue affects some unknown processing of the component nfsd. The manipulation of the argument nfsd4_fattr_args.context leads to uninitialized pointer. The identification of this vulnerability is CVE-2024-46697. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.10.7 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component vmwgfx. The manipulation leads to incorrect comparison. This vulnerability is known as CVE-2024-46710. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.6 and classified as problematic. Affected by this issue is the function __flush_work of the component workqueue. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-46704. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.6. It has been classified as critical. This affects an unknown part of the component DRM. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-46705. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.47/6.10.6. It has been declared as problematic. This vulnerability affects unknown code of the file serial_ctrl.c of the component fsl_lpuart. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-46706. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.10.7/6.11-rc1 and classified as critical. Affected by this vulnerability is an unknown functionality of the component vmwgfx. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2024-46712. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

比赛时间：2024.9.13 - 2024.9.30