Aggregator

研究人员发现名为 SpectralBlur 的 macOS 后门

A critical security vulnerability (CVE-2024-49115) in Windows Remote Desktop Services (RDS) has been disclosed, potentially allowing hackers to execute arbitrary remote code via the network. The flaw, assigned the highest severity classification, was officially confirmed by Microsoft on December 10, 2024, and underscores the constant need for vigilance in securing remote desktop environments. Details of […]

The post Windows RDP Service Flaw let Hackers Execute Remote Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

设计师工具Figma宣布涨价 所有订阅方案平均涨价30%且存在捆绑产品

Проект затронет 32 страны и десятки партнёров.

A vulnerability classified as problematic was found in WPBeginner Last Viewed Posts Plugin up to 1.0.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-12294. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Members Plugin up to 3.2.10 on WordPress. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-11008. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in RapidLoad Plugin up to 2.4.2 on WordPress and classified as critical. Affected by this issue is some unknown functionality of the component Setting Handler. The manipulation leads to sql injection. This vulnerability is handled as CVE-2024-11840. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Oracle Financial Services Market Risk Measurement and Management 8.0.6/8.0.8. It has been rated as critical. This issue affects some unknown processing of the component Infrastructure. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2020-11022. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM OmniFind 8.0/9.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to improper resource management. The identification of this vulnerability is CVE-2010-3899. The attack may be initiated remotely. Furthermore, there is an exploit available.

知名企业级文件传输产品存在漏洞，正在被黑客利用

安心跨年！元旦·春节 21天7*24h在线守护

文献一团乱麻？试试 PARA 管理方法

北约将于2028年启用北约综合网络防御中心

断网近24小时！俄罗斯再次演练“主权互联网”可用性

360预警：新一轮银狐威胁来袭，大量政企主页成“传播源”

A vulnerability has been found in Membership For WooCommerce Plugin up to 2.1.6 on WordPress and classified as critical. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. This vulnerability was named CVE-2022-4395. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

RedLine恶意软件利用盗版应用窃取企业信息