Aggregator

Submit #552130 / VDB-303565

We’re kicking off Cloudflare’s 2025 Developer Week — our innovation week dedicated to announcements for developers.

A vulnerability classified as problematic has been found in Adobe Illustrator up to 27.9.2/28.3. Affected is an unknown function. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-20798. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Adobe Bridge up to 13.0.6/14.0.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2024-20771. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Nick Pelton Search Keyword Redirect Plugin up to 1.0 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-32080. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Adobe Animate up to 23.0.4/24.0.1 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2024-20796. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Animate up to 23.0.4/24.0.1 and classified as critical. This issue affects some unknown processing. The manipulation leads to integer overflow. The identification of this vulnerability is CVE-2024-20795. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Animate up to 23.0.4/24.0.1. It has been classified as problematic. Affected is an unknown function. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-20794. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Adobe Animate up to 23.0.4/24.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component File Handler. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2024-20797. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Early-MFC：基于早期网络流量的多视图三元组网络对Tor的增强流关联攻击 by ourren

更多最新文章，请访问SecWiki

A vulnerability was found in Leadinfo Plugin up to 1.0 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-32112. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Visitor Analytics TWIPLA Plugin up to 1.2.0 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-31937. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in Tooltips Plugin up to 9.5.3 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-31285. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in BracketSpace Simple Post Notes Plugin up to 1.7.6 on WordPress. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-31935. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Pdfcrowd Save as Image Plugin up to 3.2.1 on WordPress. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-31931. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in WP Darko Top Bar Plugin up to 3.0.5 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-31928. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Link Whisper Free Plugin up to 0.6.9 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-31934. The attack may be launched remotely. There is no exploit available.

前不久返回地面的 Starliner 宇航员 Butch Wilmore 回顾了其不幸的飞行经历。他称，Starliner 飞船有 28 个反应控制系统推进器，当飞船飞到距离国际空间站一箭之遥的地方，有 4 个推进器发生了故障。按照任务飞行规则，他们应该返回地球，以免危及价值 1000 亿美元的空间站和上面的宇航员。但能否安全返回地面也是未知数。休斯顿地面团队认为最佳方法是重置故障推进器——类似 PC 发生故障之后强制关机重启，看看能不能解决问题。在此过程中，Wilmore 需要放开对飞船的控制。重置之后四个故障推进器中有两个恢复了工作。然而接着第五个推进器又停止了工作。任务控制中心再次尝试恢复故障推进器。最后只有一个推进器故障其它都恢复了，飞船恢复了自主飞行。 Wilmore 称在飞船对接空间站之后，他确信 Starliner 不太可能成为他们返回地球的飞船。

A vulnerability was found in Polevaultweb Intagrate Lite Plugin up to 1.3.7 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-31929. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Pdfcrowd Save as PDF Plugin up to 3.2.1 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-31930. The attack can be initiated remotely. There is no exploit available.