Aggregator

A vulnerability, which was classified as critical, has been found in Myphpsoft Myphplinks 2.1.9/2.2.0. Affected by this issue is some unknown functionality of the file admin/auth/checksession.php of the component Session Handler. The manipulation of the argument idsession leads to sql injection. This vulnerability is handled as CVE-2002-2304. The attack may be launched remotely. Furthermore, there is an exploit available.

Automattic CEO 兼 WordPress 开源项目联合创始人 Matt Mullenweg 关闭了多位据称试图创建分支的 WordPress.org 贡献者账号：Joost d

Automattic CEO 兼 WordPress 开源项目联合创始人 Matt Mullenweg 关闭了多位据称试图创建分支的 WordPress.org 贡献者账号：Joost de Valk、Karim Marucchi、Se Reed、Heather Burns 以及 Morten Rand-Hendriksen。通过关闭账号，Mullenweg 宣称要给他们更大的动力去创建分支。其中 de Valk 是 WordPress SEO 工具 Yoast 的作者，他在 Automattic 宣布减少对 WordPress.org 的支持后表示愿意领导 WordPress 下一个版本的开发；Marucchi 是 企业 Web 咨询公司 Crowd Favorite 的 CEO，他公开表达了对 de Valk 的支持；Se Reed 是新成立非营利组织 WP Community Collective 的总裁兼 CEO；Burns 则早在 2020 年就不再参与 WordPress 项目，她对自己的账号被关闭表达了惊讶；Rand-Hendriksen 也在 2019 年后退出了项目，他认为自己和 Burns 的账号被关闭是因为他们曾在 2017 年针对 WordPress 项目提出了有关治理、问责和利益冲突方面的问题，认为 Mullenweg 至今对此耿耿于怀。

Как реклама открыла двери к серверам Meta.

Аналитики оценивают ущерб национальной безопасности как значительный.

在现代 Linux 生态系统中，eBPF（Extended Berkeley Packet Filter）已经成为一项炙手可热的技术。从网络性能优化、系统追踪到安全监控，eBPF 的应用领域不断扩大，

A vulnerability classified as problematic was found in Icegram Express Email Subscribers Plugin up to 5.7.44 on WordPress. Affected by this vulnerability is an unknown functionality of the component Workflow Setting Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-12568. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Icegram Express Email Subscribers Plugin up to 5.7.44 on WordPress. Affected is an unknown function of the component Form Setting Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-12567. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A newly disclosed security vulnerability in IBM Robotic Process Automation (RPA) has raised concerns about potential data breaches. The vulnerability, tracked as CVE-2024-51456, could allow remote attackers to exploit cryptographic weaknesses and access sensitive information. IBM has released a security bulletin detailing the issue, alongside remediation measures to address the risk. IBM Robotic Process Automation Vulnerability The vulnerability […]

The post IBM Robotic Process Automation Vulnerability Let Attackers Obtain Sensitive Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Icegram Express Email Subscribers Plugin up to 5.7.44 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the component Form Setting Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-12566. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Icegram Express Email Subscribers Plugin up to 5.7.44 on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Text Block Option Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-11636. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in HCL DRYiCE MyXalytics 6.3. It has been classified as problematic. This affects an unknown part. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2024-42180. It is possible to launch the attack on the physical device. There is no exploit available.

A vulnerability was found in HCL DRYiCE MyXalytics 6.3 and classified as problematic. Affected by this issue is some unknown functionality of the component Communication Channel Handler. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is handled as CVE-2024-42181. It is possible to launch the attack on the physical device. There is no exploit available.

A vulnerability has been found in Luxion KeyShot Viewer 12.1.1.11 and classified as critical. Affected by this vulnerability is an unknown functionality of the component KSP File Parser. The manipulation leads to memory corruption. This vulnerability is known as CVE-2025-0412. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Appointment Booking Calendar Plugin and Scheduling Plugin up to 1.1.22 on WordPress. Affected is an unknown function of the component Export Setting Handler. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-12274. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in HCL DRYiCE MyXalytics 6.3. This issue affects some unknown processing of the component HTTP Response Header Handler. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-42179. The attack may be initiated remotely. There is no exploit available.