Aggregator

A vulnerability classified as problematic has been found in Consensys gnark up to 0.10.x. Affected is an unknown function. The manipulation leads to resource consumption. This vulnerability is traded as CVE-2024-50354. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in NixOS nix up to 2.24.9. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to protection mechanism failure. The identification of this vulnerability is CVE-2024-51481. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in yeswiki up to 4.4.4. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to risky cryptographic algorithm. This vulnerability was named CVE-2024-51478. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Emeraldwhale breach allowed access to over 10,000 repositories and resulted in the theft of more than 15,000 cloud service credentials

Single Sign-On (SSO) and Multi-Factor Authentication (MFA) - two key solutions that can both streamline access to critical systems and data for more geographically dispersed users, while minimizing the risk of unauthorized entry. 

The post How SSO and MFA Improves Identity Access Management (IAM) appeared first on Security Boulevard.

The free version of the popular WordPress plugin LiteSpeed Cache has fixed a dangerous privilege elevation flaw on its latest release that could allow unauthenticated site visitors to gain admin rights. [...]

A Threat Actor has Allegedly Leaked Data of RENIEC

Wire transfer fraud occurs when scammers convince a company to send money to a fraudulent account. While weeding out suspicious requests like this may seem rudimentary, it’s not.

The post Shedding AI Light on Bank Wire Transfer Fraud appeared first on Security Boulevard.

The 2024 cyber threat landscape highlights the growing sophistication of bots, with anti-detect browsers and automated attacks enhanced by the emergence of AI tools.

The post Terrifying Trends in the 2024 Cyber Threat Landscape appeared first on Security Boulevard.

A vulnerability was found in knightliao Disconf 2.6.36. It has been classified as critical. This affects an unknown part of the file /api/config/list of the component Configuration Center. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2024-10620. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

欢迎预约直播，共同见证！

这下 CrowdStrike麻烦大啦！

A vulnerability was found in SIP Reviews Shortcode for WooCommerce Plugin up to 1.2.3 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-6480. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in SIP Reviews Shortcode for WooCommerce Plugin up to 1.2.3 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality of the component Shortcode Handler. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-6479. The attack can be launched remotely. There is no exploit available.

今日暂未更新资讯~
更多最新文章，请访问SecWiki

Submit #429927 / VDB-282633

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /pda/reportshop/next_detail.php. The manipulation of the argument repid leads to sql injection. This vulnerability is traded as CVE-2024-10619. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.10. This issue affects some unknown processing of the file /pda/reportshop/record_detail.php. The manipulation of the argument repid leads to sql injection. The identification of this vulnerability is CVE-2024-10618. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/check_seal.php. The manipulation of the argument ID leads to sql injection. This vulnerability was named CVE-2024-10617. The attack can be initiated remotely. Furthermore, there is an exploit available.