Aggregator

A vulnerability was found in Novell ZENworks Asset Management 7.5 and classified as critical. Affected by this issue is the function doGet/doPost/DoReport/HandleMaintenanceCalls of the component rtrlet. The manipulation leads to credentials management. This vulnerability is handled as CVE-2012-4933. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

A vulnerability, which was classified as critical, has been found in Carlo Gavazzi VMU-C EM and VMU-C PV. Affected by this issue is some unknown functionality. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2017-5146. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Cambium cnPilot 4.3.2-R4. This issue affects some unknown processing of the file /goform/down_cfg_file of the component Administrative Console. The manipulation leads to configuration (Config). The identification of this vulnerability is CVE-2017-5260. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Yaws 1.91 and classified as critical. This vulnerability affects unknown code of the component URL Handler. The manipulation leads to path traversal. This vulnerability was named CVE-2011-4350. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in TVT NVMS-1000 and classified as critical. Affected by this vulnerability is an unknown functionality of the component GET Request Handler. The manipulation with the input /.. leads to path traversal. This vulnerability is known as CVE-2019-20085. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Red Hat Enterprise Application Platform 5.2 and classified as critical. This vulnerability affects the function doFilter of the component JBoss Application Server. The manipulation leads to deserialization. This vulnerability was named CVE-2017-12149. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Red Hat JBoss Enterprise Application Platform 4/4.2/4.2.0. Affected by this vulnerability is an unknown functionality of the file 4.2.0.CP09. The manipulation of the argument full=true leads to improper access controls. This vulnerability is known as CVE-2010-1429. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in JBoss Enterprise Application Platform. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file 4.2.0.CP03. The manipulation of the argument full=true leads to improper access controls. This vulnerability is known as CVE-2008-3273. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Novell File Reporter 1.0.2. Affected is an unknown function of the file NFRAgent.exe. The manipulation leads to path traversal. This vulnerability is traded as CVE-2012-4957. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Kaqoo Auction Software. This affects an unknown part of the file include/display/context_menu.inc.php. The manipulation of the argument install_root leads to improper privilege management. This vulnerability is uniquely identified as CVE-2007-1790. Local access is required to approach this attack. Furthermore, there is an exploit available.

A vulnerability was found in Nonghyup Smart Card 3.2. It has been rated as critical. This issue affects some unknown processing of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. The identification of this vulnerability is CVE-2014-5799. The attack needs to be approached within the local network. There is no exploit available.

今日暂未更新资讯~
更多最新文章，请访问SecWiki

少数派此前整理过值得关注的官翻产品购买渠道，希望能够帮助大家把钱花在刀刃上。如今又是一年开学季，不管你是即将步入大学的学生朋友还是刚刚踏入社会的毕业生，如果想要添置新设备却苦于囊中羞涩，官翻产品依然是

A vulnerability, which was classified as critical, has been found in Adobe Acrobat Reader up to 11.0.18/15.006.30244/15.020.20042. Affected by this issue is some unknown functionality of the component Rendering Engine. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2017-3010. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Adobe Acrobat Reader up to 11.0.18/15.006.30244/15.020.20042. Affected by this vulnerability is an unknown functionality of the component JPEG2000 Parser. The manipulation leads to memory corruption. This vulnerability is known as CVE-2017-3009. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

联合国宣布，陷入无政府状态的苏丹正在发生大面积饥荒。如果不尽快进行援助，苏丹可能发生自中国三年大饥荒以来世界最严重的饥荒。荷兰智库 Clingendael Institute 5 月发布的报告估计，到今年底，饥饿以及相关疾病将导致苏丹逾两百万人死亡。作者估计，即使战争停止，今年的粮食收成略好于去年，那么到 2027 年苏丹的超额死亡仍然会达到 600 万。如果战争持续到明年初，那么死亡人数预计将超过千万。饥荒的直接原因是始于 2023 年 4 月的内战，苏丹军方与准军事武装 Rapid Support Forces(RSF)之间爆发冲突，战争本身可能已导致 15 万人死亡。苏丹战前有大约 5000 万人口，逾五分之一人口逃离战火，部分人在邻国避难，但还有接近 800 万人口在苏丹境内，很多人住在难民营里。

A vulnerability, which was classified as critical, has been found in Adobe Acrobat Reader up to 11.0.18/15.006.30244/15.020.20042. Affected by this issue is some unknown functionality of the component XFA Engine. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2017-2967. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in ZKTeco ZEM500-510-560-760, ZEM600-800, ZEM720 and ZMM up to 8.87/14.x and classified as problematic. This vulnerability affects unknown code of the file form/DataApp?style=1. The manipulation leads to information disclosure. This vulnerability was named CVE-2022-42953. Access to the local network is required for this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Here's an overview of the various breaches that have been consolidated into this Have I BeenPwned.

A vulnerability has been found in Icash Click and Email and classified as problematic. This vulnerability affects unknown code of the file admin_dblayers.asp. The manipulation of the argument tablename leads to cross site scripting. This vulnerability was named CVE-2008-5893. The attack can be initiated remotely. Furthermore, there is an exploit available.