Aggregator

A vulnerability was found in Vector Skin up to 1.39.4/1.40.0 on MediaWiki. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file VectorComponentUserLinks.php. Executing a manipulation of the argument Title can lead to an unknown weakness. This vulnerability is handled as CVE-2023-45361. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in MediaWiki and classified as problematic. The impacted element is the function youhavenewmessagesmanyusers/youhavenewmessages of the file MediaWiki:Youhavenewmessagesfromusers of the component i18n Message Handler. The manipulation results in cross site scripting. This vulnerability is identified as CVE-2023-45360. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Atos Unify Unify OpenScape 4000 Platform V10 1.42.2 and classified as critical. This affects an unknown function of the component Portal. Executing a manipulation can lead to command injection. This vulnerability is handled as CVE-2023-45356. The attack can only be done within the local network. There is not any exploit available. A patch should be applied to remediate this issue.

A vulnerability described as problematic has been identified in Archer Platform. This vulnerability affects unknown code of the component Warning Message Handler. Such manipulation leads to information disclosure. This vulnerability is documented as CVE-2023-45357. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability has been found in Atos Unify OpenScape 4000 Platform V10 1.42.2 and classified as critical. The impacted element is an unknown function. Performing a manipulation results in command injection. This vulnerability is known as CVE-2023-45355. Access to the local network is required for this attack. No exploit is available. It is suggested to install a patch to address this issue.

Internal files describe a training platform as part of a large integrated system designed to allow attackers to practice hacking replicas of “the real network environments” of China’s “main operational opponents in the South China Sea and Indochina directions.”

French Insurance Company Maxance Allegedly Breached, 348K Customer Records Leaked

哈佛商业评论发表报告称，AI 没有减少工作量而是增加了工作强度。报告称：在一项为期八个月的研究中，他们调查了生成式 AI 如何改变一家有大约 200 名员工的美国科技公司的工作习惯。研究发现，员工的工作节奏更快，承担了更广泛的任务，工作时间更长，经常是主动去做的。公司并未强制要求使用 AI。由于 AI 让多做点事变得触手可及、切实可行，且在很多情况下能带来内在成就感，员工们主动承担了更多的工作。听起来是企业领导梦寐以求的事情，但热情拥抱 AI 带来的变革可能难以持续，会引发更多新问题。一旦新鲜感消退，员工们可能会发现他们的工作量悄然增加，疲于应对突然涌现的任务。这种工作量的累积反过来会导致认知疲劳、职业倦怠和决策能力下降。最初享受到的生产力激增可能会被工作质量下降、人员流动等问题所取代。

Почему власти смягчили меры борьбы с мошенниками.

A vulnerability was found in SmarterTools SmarterTrack 10.x/14.x. It has been rated as problematic. Affected by this vulnerability is an unknown functionality of the file /Management/Chat/frmChatSearch.aspx of the component Chat Management Search Form. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere. This vulnerability is referenced as CVE-2020-36926. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability was found in PHPGurukul Hospital Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /hms/hospital/docappsystem/adminviews.py of the component Admin Dashboard Page. Performing a manipulation results in improper authorization. This vulnerability is known as CVE-2026-1550. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability categorized as critical has been discovered in ErugoOSS Erugo up to 0.2.14. The affected element is an unknown function. Such manipulation leads to path traversal. This vulnerability is documented as CVE-2026-24897. The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability described as problematic has been identified in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcp_reports.go. The manipulation results in null pointer dereference. This vulnerability is identified as CVE-2026-1975. The attack can be executed remotely. Additionally, an exploit exists. Applying a patch is advised to resolve this issue.

A vulnerability classified as problematic has been found in Free5GC up to 4.1.0. Affected is the function SessionDeletionResponse of the component SMF. This manipulation causes null pointer dereference. This vulnerability is tracked as CVE-2026-1976. The attack is possible to be carried out remotely. Moreover, an exploit is present. It is suggested to install a patch to address this issue.

A vulnerability labeled as problematic has been found in Free5GC up to 4.1.0. The impacted element is the function establishPfcpSession of the component SMF. Executing a manipulation can lead to null pointer dereference. The identification of this vulnerability is CVE-2026-1973. The attack may be launched remotely. Furthermore, there is an exploit available. It is best practice to apply a patch to resolve this issue.