Aggregator

A vulnerability was found in IBM Security ReaQta 3.12. It has been classified as problematic. Affected is an unknown function of the component Web UI. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-45099. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Harbor and classified as critical. This issue affects some unknown processing. The manipulation leads to improper authorization. The identification of this vulnerability is CVE-2022-31666. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Harbor and classified as critical. This vulnerability affects unknown code. The manipulation leads to improper authorization. This vulnerability was named CVE-2022-31671. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in GitLab Community Edition and Enterprise Edition up to 17.3.6/17.4.3/17.5.1. This affects an unknown part. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2024-9693. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in IBM Security ReaQta 3.12. Affected by this issue is some unknown functionality of the component Web UI. The manipulation leads to permissive cross-domain policy with untrusted domains. This vulnerability is handled as CVE-2024-45642. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in IBM Security SOAR 51.0.1.0. Affected by this vulnerability is an unknown functionality. The manipulation leads to weak password recovery. This vulnerability is known as CVE-2024-45670. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

На смену тихому наблюдению приходят громкие деструктивные кампании.

Feed43 曾经是一个非常实用的在线工具，它可以通过“简单”的过

软件介绍李跳跳真实好友是一款检测微信好友的软件无需root，使用的方法称为“假转账法”。此方法优点是无感、不会打扰到对方。同时也不会真实产生转账行为。具

A vulnerability was found in Salt and classified as critical. This issue affects some unknown processing of the component Pre-Flight. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2023-34049. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Sonatype Nexus Repository 2 OSS and Nexus Repository 2 Pro up to 2.15.1 and classified as critical. This vulnerability affects unknown code. The manipulation leads to code injection. This vulnerability was named CVE-2024-5082. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Sonatype Nexus Repository 2 OSS and Nexus Repository 2 Pro up to 2.15.1. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-5083. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Tecno com.transsion.phoenix. It has been declared as problematic. This vulnerability affects unknown code of the component User Information Handler. The manipulation leads to improper privilege management. This vulnerability was named CVE-2024-11206. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in ITG Computer Technology vSRM Supplier Relationship Management System and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-7787. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Palo Alto Networks Cloud NGFW, PAN-OS and Prisma Access. It has been classified as critical. Affected is an unknown function of the component GlobalProtect Service. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-2550. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Palo Alto Networks Cloud NGFW, PAN-OS and Prisma Access. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Packet Handler. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-2551. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Palo Alto Networks Cloud NGFW, PAN-OS and Prisma Access. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to path traversal. This vulnerability is handled as CVE-2024-2552. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Google Android 12/13/14/15. This issue affects the function shouldHideDocument of the file ExternalStorageProvider.java. The manipulation leads to Local Privilege Escalation. The identification of this vulnerability is CVE-2024-43093. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

提供 DRM-free 游戏服务的 GOG 宣布了经典游戏保存计划 GOG Preservation Program。它将投入资源确保获得 Good Old Game: Preserved by GOG 印章游戏的兼容性，并会持续提供技术支持。首批列入保存计划的游戏共 100 款，它特别列举了如何改进《魔法门之英雄无敌3：完整版》、《暗黑破坏神 + 地狱火》和《生化危机捆绑包》的兼容性，其它列入的经典游戏包括了《Jagged Alliance》、《System Shock 2》、《Warcraft I & II》、《Dungeon Keeper Gold》、《Theme Park》、《SimCity 3000 Unlimited》以及 Wing Commander 系列。GOG 称其商店出售的旧游戏不是所有它都有权修改，它和开发商签署的合同有的是禁止它修改的，如果发现存在 bug，只有开发商有权修改，而很多经典游戏的开发商早就不存在了。

Typecho 的原生搜索功能存在明显不足，极大地影响了用户体验。就拿搜索 windows 10 系统下载相关内容来说，当用户输入 “windows 10 系统” 这一关...