Aggregator

Name: ISITDTU CTF 2024 Quals (an ISITDTU CTF event.)
Date: Oct. 26, 2024, 2 a.m. — 27 Oct. 2024, 10:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctf.isitdtu.com/
Rating weight: 51.00
Event organizers: ISITDTU

Name: Russian CTF Cup 2024 Qualifier (an Russian CTF Cup event.)
Date: Oct. 26, 2024, 9 a.m. — 27 Oct. 2024, 09:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctfcup.ru/
Rating weight: 24.21
Event organizers: ctfcup

Authors/Presenters:Iggy

Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their timely DEF CON 32 erudite content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – AppSec Village – Ticking SQLi appeared first on Security Boulevard.

henrymans0n has Allegedly LEaked Data of NGO Department of Iraq

A vulnerability, which was classified as critical, has been found in Apple macOS. This issue affects some unknown processing. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2024-23283. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Apple iOS and iPadOS. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-23283. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Apple tvOS. Affected by this issue is some unknown functionality. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2024-23297. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Apple iOS and iPadOS. This affects an unknown part. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2024-23297. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apple watchOS and classified as critical. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2024-23297. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple tvOS. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Siri. The manipulation leads to state issue. This vulnerability is known as CVE-2024-23293. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple iOS and iPadOS. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Siri. The manipulation leads to state issue. This vulnerability is handled as CVE-2024-23293. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Apple macOS. This affects an unknown part of the component Siri. The manipulation leads to state issue. This vulnerability is uniquely identified as CVE-2024-23293. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Apple watchOS. This vulnerability affects unknown code of the component Siri. The manipulation leads to state issue. This vulnerability was named CVE-2024-23293. It is possible to launch the attack on the physical device. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Apple visionOS 1.0. This affects an unknown part of the component Persona Handler. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2024-23295. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Unisoc SC7731E, SC9832E, SC9863A, T310, T606, T612, T616, T610, T618, T760, T770, T820 and S8000. Affected is an unknown function of the component Camera Driver. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-23658. An attack has to be approached locally. There is no exploit available.

A vulnerability was found in Sharp Energy Management Controller with Cloud Services up to B0.1.9.1 and classified as problematic. Affected by this issue is some unknown functionality of the component Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-23785. The attack may be launched remotely. There is no exploit available.

新加坡官员批准了全球最大的可再生能源和输电项目。该项目首先在澳大利亚北领地州（Northern Territory）建造大型太阳能发电场，向该州首府达尔文输送清洁能源，将部分电力通过海底电缆出口到 4300 公里外新加坡。被称为 Powell Creek 的澳大利亚亚洲电力连接项目设计峰值太阳能装机容量为 20 GW，电池储存容量 36-42 GWh，预计首批清洁电力将于 2030 年代初开始供应。

A vulnerability was found in Apple tvOS up to 10.1 and classified as problematic. Affected by this issue is some unknown functionality of the component CoreText. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2017-2450. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

DarkRaaS Allegedly is Selling Access to an Argentina Government Windows Server

A Threat Actor Allegedly Leaked Bio-Rad Laboratories, Inc Database