Aggregator

A vulnerability classified as problematic was found in Libarchive 3.6.0. This vulnerability affects the function zipx_lzma_alone_init. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2022-26280. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in BlueZ. Affected by this issue is some unknown functionality of the component Phone Book Access Profile. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2023-50229. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Apple iOS and iPadOS up to 15.3.1. Affected is an unknown function of the component libarchive. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2021-36976. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apple watchOS up to 8.4.2 and classified as critical. This issue affects some unknown processing of the component libarchive. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2021-36976. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apple macOS and classified as critical. Affected by this vulnerability is an unknown functionality of the component libarchive. The manipulation leads to memory corruption. This vulnerability is known as CVE-2021-36976. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

PDFMathTranslate PDF 文档翻译及双语对照 📊 保留公式和图表 📄 保留可索引目录 🌐 支持多种翻译服务 项目地址 安装 要求 Python 版本 &g...

11 月 10 日，一名黑客在某黑客论坛上列出了一个待售数据集，声称它包含 4.89 亿 Instagram 用户数据。

A vulnerability has been found in libarchive up to 3.5.1 and classified as critical. Affected by this vulnerability is the function copy_string. The manipulation leads to use after free. This vulnerability is known as CVE-2021-36976. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as critical has been found in Microsoft Windows up to Server 2022. This affects an unknown part of the component Libarchive. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2021-36976. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in FontForge up to 20230101 and classified as critical. This vulnerability affects unknown code of the component Splinefont. The manipulation leads to command injection. This vulnerability was named CVE-2024-25081. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in FontForge up to 20230101 and classified as critical. This issue affects some unknown processing of the component Splinefont. The manipulation leads to command injection. The identification of this vulnerability is CVE-2024-25082. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability classified as problematic was found in jose. This vulnerability affects unknown code of the component JWE Handler. The manipulation leads to resource consumption. This vulnerability was named CVE-2024-28176. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in latchset jose up to 11. This affects an unknown part of the component p2c Handler. The manipulation leads to resource consumption. This vulnerability is uniquely identified as CVE-2023-50967. Access to the local network is required for this attack. There is no exploit available.

A vulnerability was found in podman. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to link following. This vulnerability is handled as CVE-2022-4122. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Postfix up to 3.5.23/3.6.13/3.7.9/3.8.4. It has been classified as problematic. Affected is an unknown function of the component Email Message Handler. The manipulation leads to protection mechanism failure. This vulnerability is traded as CVE-2023-51764. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as critical has been found in OpenSSL up to 3.0.11/3.1.4/3.2.0 on PowerPC. This affects an unknown part of the component POLY1305 MAC Handler. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2023-6129. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

PixPin是什么​ PixPin的名字来源于“Pixel Pin”，简单来说是一个截图、贴图的工具，但是PixPin以截图和贴图两大功能为核心做了大量的优化功能，目标是...

Advocacy Groups Call for Government to Regulate Social Media Platforms
The Australian government is on track to introduce a bill in the Parliament to ban youths under the age of 16 from accessing social media platforms, but critics say age verification technologies are not accurate and a ban may push children into unsafe, less visible parts of the Internet.

'Wirte' Threat Actor Used Wiper That Checks if Victim Is Located in Israel
Hackers likely connected to Palestinian militants Hamas were behind wiper attacks detected in October against Israeli organizations including hospitals and municipalities. Israeli cybersecurity firm Check Point on Tuesday attributed the attacks to a group tracked as Wirte.

US to Advocate for Human Rights Safeguards from Supporting Member Nations
The United States will support a controversial cybercrime convention initially proposed by Russia that is currently making its way through the United Nations, officials told reporters, while seeking out human rights assurances from supporting member nations.