Aggregator

CVE-2014-5470 | Actual Analyzer up to 2014-08-29 ant os command injection (EDB-35549)

1 year 1 month ago

A vulnerability has been found in Actual Analyzer up to 2014-08-29 and classified as critical. This vulnerability affects unknown code. The manipulation of the argument ant leads to os command injection. This vulnerability was named CVE-2014-5470. The attack can only be initiated within the local network. Furthermore, there is an exploit available.

vuldb.com

CVE-2024-7014 | Telegram App up to 10.14.4 on Android Video EvilVideo input validation

Vuldb Updates

1 year 1 month ago

A vulnerability, which was classified as critical, has been found in Telegram App up to 10.14.4 on Android. This issue affects some unknown processing of the component Video Handler. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2024-7014. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-43487 | Microsoft Windows up to Server 2019 Mark of the Web protection mechanism

Vuldb Updates

1 year 1 month ago

A vulnerability has been found in Microsoft Windows up to Server 2019 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Mark of the Web. The manipulation leads to protection mechanism failure. This vulnerability is known as CVE-2024-43487. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

点击查看→云众可信“网络安全靶场”如何守护关键基础设施安全！

嘶吼

1 year 1 month ago

云众可信“网络安全靶场平台”紧贴实战、注重效能，能够为客户提供全面系统的网络靶场建设规划和灵活可靠的产品与服务支撑，并且实现全系国产化适配，适用于各行业安全建设需求。目前，平台已成功应用于大型央企、科研院所等单位，并在政府、工业控制、金融、通信等关键行业表现出众，赢得了客户的高度信赖与一致好评。

接下来，让我们通过一组海报，深入了解云众可信“网络安全靶场平台”如何赋能关键基础设施行业，助力构建坚实的网络安全底座，开启数字化时代的网络安全新篇章。

云众可信“网络安全靶场平台”不仅能够满足开展“实战演练、测试验证、技术研究、试验鉴定、效能评估”等多样任务需求，还在培养实战型信息安全人才方面优势显著，助力客户从容应对复杂多变的安全挑战，全面提升网络安全防御能力，筑牢数字化转型的安全基石。

企业资讯

CVE-2025-0639 | GitLab Community Edition/Enterprise Edition up to 17.9.6/17.10.4/17.11.0 allocation of resources

VulDB Recent Entries

1 year 1 month ago

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 17.9.6/17.10.4/17.11.0 and classified as critical. This issue affects some unknown processing. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2025-0639. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-12244 | GitLab Enterprise Edition up to 17.9.6/17.10.4/17.11.0 Project authorization

VulDB Recent Entries

1 year 1 month ago

A vulnerability has been found in GitLab Enterprise Edition up to 17.9.6/17.10.4/17.11.0 and classified as problematic. This vulnerability affects unknown code of the component Project Handler. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-12244. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-35965 | Mattermost up to 9.11.10/10.4.2/10.5.0 UpdateRunTaskActions allocation of resources

VulDB Recent Entries

1 year 1 month ago

A vulnerability, which was classified as critical, was found in Mattermost up to 9.11.10/10.4.2/10.5.0. This affects the function UpdateRunTaskActions. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2025-35965. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

【活动报名】腾讯安全沙龙第3期（成都站）诚邀大咖一起参加！

数世咨询

1 year 1 month ago

【活动报名】腾讯安全沙龙第3期（成都站）诚邀大咖一起参加！

RSAC 2025创新沙盒 | MIND：引领AI时代的数据安全革新者

数世咨询

1 year 1 month ago

RSAC 2025 创新沙盒 TOP10

别怪技术不够硬，网络钓鱼拿捏的就是“人性漏洞”

数世咨询

1 year 1 month ago

AI 写文案、深度伪造语音、锁定你最熟悉的品牌与同事——2025 年的网络钓鱼，比你想象得更“懂人性”。IBM 报告显示，钓鱼已成全球第二大数据泄露元凶，人均损失 476 万美元。问题不在技术，而在于人的注意力与情绪，被黑客精准利用。

腾讯云安全威胁情报专项场景发布：钓鱼欺诈篇

腾讯安全威胁情报中心

1 year 1 month ago

腾讯云安全威胁情报专项场景发布：钓鱼欺诈篇

腾讯安全威胁情报中心

1 year 1 month ago

Google Gemini 有 3.5 亿月活用户

Solidot

1 year 1 month ago

根据正在进行中的 Google 反垄断诉讼披露的内部数据，截至今年 3 月 Google 的 AI 聊天机器人 Gemini 全球有 3.5 亿月活跃用户。Gemini 去年 10 月的日活用户仅为 900 万，但今年 3 月已经增加到了 3500 万。根据法庭文件，Google 估计 ChatGPT 的月活用户为 6 亿。ChatGPT 是目前最受欢迎的 AI 聊天机器人。

The Human Advantage in the Age of Technological Uncertainties

Security Boulevard

1 year 1 month ago

Our excessive reliance on technology has disabled us from crossing the barriers to experience, sense, and relate with others the way we used to.

The post The Human Advantage in the Age of Technological Uncertainties appeared first on Security Boulevard.

Steve Durbin

Discord 准备 IPO，CEO 兼联合创始人辞职

Solidot

1 year 1 month ago

在玩家中非常受欢迎的社交服务 Discord 准备 IPO，但尚未宣布，它现在任命了一位新 CEO，表明它正朝着上市的目标继续推进。CEO 兼联合创始人 Jason Citron 辞职，但仍然会留在董事会，新 CEO 为前动视暴雪和 King 的高管 Humam Sakhnini。Citron 去年透露 Discord 有 870 名员工和逾 2 亿月活用户。Discord 的另一位联合创始人 Stanislav Vishnevskiy 将继续担 CTO。

CVE-2024-2637 | B&R Industrial Automation VC4 Files uncontrolled search path

Vuldb Updates

1 year 1 month ago

A vulnerability classified as critical was found in B&R Industrial Automation Scene Viewer, Automation Runtime, mapp Vision, mapp View, mapp Cockpit, mapp Safety and VC4. Affected by this vulnerability is an unknown functionality of the component Files Handler. The manipulation leads to uncontrolled search path. This vulnerability is known as CVE-2024-2637. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-32839 | Ivanti EPM up to 2022 SU5/2024 sql injection

Vuldb Updates

1 year 1 month ago

A vulnerability classified as critical was found in Ivanti EPM up to 2022 SU5/2024. This vulnerability affects unknown code. The manipulation leads to sql injection. This vulnerability was named CVE-2024-32839. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-32841 | Ivanti EPM up to 2022 SU5/2024 sql injection

Vuldb Updates

1 year 1 month ago

A vulnerability, which was classified as critical, has been found in Ivanti EPM up to 2022 SU5/2024. This issue affects some unknown processing. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2024-32841. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-32844 | Ivanti EPM up to 2022 SU5/2024 sql injection

Vuldb Updates

1 year 1 month ago

A vulnerability, which was classified as critical, was found in Ivanti EPM up to 2022 SU5/2024. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is traded as CVE-2024-32844. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-43439 | Moodle H5P Error Message cross site scripting

Vuldb Updates

1 year 1 month ago

A vulnerability was found in Moodle and classified as problematic. Affected by this issue is some unknown functionality of the component H5P Error Message Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-43439. The attack may be launched remotely. There is no exploit available.

vuldb.com

Aggregator

Managed ad