Aggregator

A vulnerability was found in Saltcorn up to 1.0.0-beta.15. It has been declared as critical. This vulnerability affects unknown code of the file sync/clean_sync_dir of the component POST Parameter Handler. The manipulation of the argument dir_name leads to path traversal. This vulnerability was named CVE-2024-47818. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Solvait 24.4.2. It has been rated as critical. This issue affects some unknown processing of the file /AssignToMe/SetAction. The manipulation of the argument Request ID/Action Type leads to improper access controls. The identification of this vulnerability is CVE-2024-45919. The attack can only be done within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in VegaBird Yaazhini 2.0.2. Affected by this issue is some unknown functionality of the file Yaazhini.exe of the component DLL Handler. The manipulation leads to uncontrolled search path. This vulnerability is handled as CVE-2024-45873. Local access is required to approach this attack. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in VegaBird Vooki 5.2.9. This affects an unknown part of the component DLL Handler. The manipulation leads to uncontrolled search path. This vulnerability is uniquely identified as CVE-2024-45874. Attacking locally is a requirement. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in Solidigm DC P4510, DC P4610, DC P4511, D5-P4320 and D5-P4326 VCV10394/VDV10194/VEV10294. This affects an unknown part. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-47968. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability classified as problematic was found in Solidigm D7-P5510, D7-P5520, D7-P5620, D7-P5500 and D7-P5600 JCV1NP93/JCV1NQ93/JCV1NX93/JCV10400. This vulnerability affects unknown code. The manipulation leads to denial of service. This vulnerability was named CVE-2024-47974. The attack needs to be approached locally. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Solidigm D7-P5520, D7-P5620, D3-S4510, D3-S4610, D3-S4520, D3-S4620 and D5-P5316. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-47973. An attack has to be approached locally. There is no exploit available.

该安全漏洞是由未受信任数据的反序列化弱点引起的，未经认证的威胁行为者可以利用该漏洞进行低复杂度攻击。

A vulnerability, which was classified as problematic, has been found in Meshtastic Firmware up to 2.5.0. This issue affects some unknown processing. The manipulation leads to insufficient verification of data authenticity. The identification of this vulnerability is CVE-2024-47079. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Solidigm D7-P5510, D5-P5316, D7-P5520 and D7-P5620. Affected is an unknown function. The manipulation leads to resource consumption. This vulnerability is traded as CVE-2024-47972. An attack has to be approached locally. There is no exploit available.

A vulnerability has been found in Solidigm D5-P5316, D7-P5520 and D7-P5620 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to denial of service. This vulnerability is known as CVE-2024-47971. Local access is required to approach this attack. There is no exploit available.

A vulnerability was found in Solidigm DC P4510, DC P4610, D7-P5500, D7-P5600, D5-P5316, D7-P5520, D7-P5620, DC P4511, D5-P4320, D5-P4326, D7-P5510 and D7-P5628. It has been classified as problematic. This affects an unknown part. The manipulation leads to improper authorization. This vulnerability is uniquely identified as CVE-2024-47976. It is possible to launch the attack on the physical device. There is no exploit available.

聚焦源代码安全，网罗国内外最新资讯！编译：代码卫士一名威胁行动者攻陷 “互联网档案馆 (Internet Archive)”的“时间回溯机 (The Wayback Machine)”网站，窃取了包

聚焦源代码安全，网罗国内外最新资讯！编译：代码卫士Mozilla 发布紧急安全更新，修复了 Firefox 浏览器中的一个严重的释放后使用漏洞 (CVE-2024-9680)，目前该漏洞已遭利用。该

足球玩家可能想象不到，FIFA 和 PES 有一天会以合作的形式联系在一起。FIFA 与 EA 因为授权费用而分道扬镳，FIFA 据报道想要获得每年 2.5 亿美元的授权费，EA 认为这一金额无法接受，它也许愿意接受 5000 万美元或 1 亿美元的冠名授权费，但 2.5 亿美元超出了它愿意支付的范围。EA 开发的 FIFA 2023 是最后一款冠名 FIFA 的足球游戏，此后的游戏都改名为 EA Sports FC。FIFA 表示它计划推出一款与 EA Sports FC 竞争的足球游戏，然而它至今没有找到一家愿意参与此事的游戏开发商。现在它找到了 EA Sports 的长期竞争对手科乐美（Konami），不过不是让曾经的 PES 冠名为 FIFA，而只是在游戏活动上进行合作：科乐美和 FIFA 宣布合作推出 FIFAe World Cup eSports 锦标赛活动，这一赛事将在今年晚些时候向 eFootball（旧名 PES）玩家推出。

CyberAv3ngers利用AI寻找默认密码和漏洞，编写bash和Python脚本，增强攻击能力。

代码如同神秘的魔法，而掌握调试工具就是魔法师手中的魔杖。本周更新多节x64dbg 是一款开源、免费、功能强大的动态反汇编调试器，能够在 Windows 平台上进行应用程序的反汇编、调试和分析工作，特别

近日，Internet Archive 遭到了黑客攻击，被窃取了一个包含3100万条记录的用户认证数据库。 互联网档案馆（Internet Archive）是一家非营利性的数字图书馆，旨在提供免费、普

一概述CAN 协议即控制器局域网络 (Controller Area Network)简称，由研发和生产汽车电子产品著称的德国 BOSCH 公司开发，成为国际标准ISO11519以及ISO11898。

·SDC2024 议题预告 ·01Rust 的安全幻影：语言层面的约束及其局限性本议题深入分析了 Rust 编程语言的编译二进制文件及其现有的安全问题。Rust 语言的安全机制源自于其背后的约束，Ru