Aggregator

A vulnerability was found in Mojoscripts MojoClassifieds 2.0. It has been classified as critical. Affected is an unknown function of the file mojoclassified.cgi. The manipulation of the argument cat_a leads to sql injection. This vulnerability is traded as CVE-2008-3382. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Cce-interact Interact 2.4.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Help. The manipulation leads to path traversal. This vulnerability is handled as CVE-2008-3384. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Mojoscripts MojoPersonals. It has been rated as critical. Affected by this issue is some unknown functionality of the file mojoclassified.cgi. The manipulation of the argument cat leads to sql injection. This vulnerability is handled as CVE-2008-3403. The attack may be launched remotely. Furthermore, there is an exploit available.

苹果达成了协议，收购流行图像编辑应用 Pixelmator。这笔交易还需要监管部门的批准，收购金额没有披露。Pixelmator 由两位立陶宛兄弟 Saulius 和 Aidas Daiide 于 2007 年创建，当年发布了首个版本，是苹果平台上流行的 Adobe Photoshop 替代。开发商表示，暂时 Pixelmator Pro、Pixelmator for iOS 和 Photomator 应用不会发生变化。

TTS Azure Web TTS Azure Web 是一个 Azure 文本转语音（TTS）网页应用。通过语音合成标记语言 (SSML) 对输出语音结果微调，可以在本地运行或使用你的 Az...

东京高等法院判决，裁定不承认同性婚姻的相关规定“违宪”。东京高院以“不基于合理依据，因性取向而在法律上被歧视对待”为由，指出这违反了规定“法律之下人人平等”的《宪法》第十四条第一款、以及倡导“个人尊严和两性本质上平等”的《宪法》第二十四条第二款。审判长谷口园惠在判决中称，“不能说在婚姻制度中将异性间和同性间区别开来的做法有合理依据”。

windows 24h2 在开发者选项中可以直接开启sudo设置，开发者选项，启用sudo。 24h2 之前的版本，开启方法： github：https://github.com/micros...

A vulnerability was found in NumPy 1.9.x. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component numpy.core. The manipulation leads to incorrect comparison. This vulnerability is known as CVE-2021-34141. Access to the local network is required for this attack. There is no exploit available.

A vulnerability has been found in Oracle Communications Cloud Native Core Policy 22.1.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Policy. The manipulation leads to denial of service. This vulnerability is known as CVE-2021-34141. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.9.9. Affected is an unknown function of the component nvmem. The manipulation leads to permission issues. This vulnerability is traded as CVE-2024-41029. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.96/6.6.36/6.9.7 on Spectrum. Affected is an unknown function of the component spectrum_buffers. The manipulation of the argument port_page leads to use after free. This vulnerability is traded as CVE-2024-42073. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.9.8. It has been classified as problematic. This affects the function devm_mutex_init of the component mlxreg. The manipulation leads to improper initialization. This vulnerability is uniquely identified as CVE-2024-42129. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Nexusjnr Jbook. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file main.asp. The manipulation leads to sql injection. This vulnerability is known as CVE-2008-6376. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as very critical, was found in Open Dental up to 16.1. Affected is an unknown function of the component MySQL Server. The manipulation leads to credentials management. This vulnerability is traded as CVE-2016-6531. It is possible to launch the attack remotely. There is no exploit available. The real existence of this vulnerability is still doubted at the moment. It is recommended to change the configuration settings.

Network traffic analysis provides critical insights into malware and phishing attacks. Doing it effectively requires using proper tools like ANY.RUN’s Interactive Sandbox. It simplifies the entire process, letting you investigate threats with ease and speed. Take a look at the key ways you can monitor and analyze network activity with the service. Connections  Examining network […]

The post How to Capture, Decrypt, and Analyze Malicious Network Traffic with ANY.RUN appeared first on ANY.RUN's Cybersecurity Blog.

A vulnerability, which was classified as critical, has been found in Apple watchOS up to 3.1. Affected by this issue is some unknown functionality of the component Kernel. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2017-2490. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Apple tvOS up to 10.1. Affected by this vulnerability is an unknown functionality of the component Kernel. The manipulation leads to memory corruption. This vulnerability is known as CVE-2017-2490. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Apple macOS up to 10.12.3. Affected is an unknown function of the component Kernel. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2017-2490. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in NetWin dnewsweb 57e1. This affects an unknown part of the component News Server. The manipulation of the argument utag leads to cross site scripting. This vulnerability is uniquely identified as CVE-2007-5370. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.