Aggregator

Submit #489633 / VDB-294858

Испытания подтвердили эффективность роботов-сапёров.

A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Password Handler. The manipulation leads to use of weak credentials. The identification of this vulnerability is CVE-2025-1081. The attack needs to be done within the local network. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. It is recommended to change the configuration settings. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #488582 / VDB-294857

A vulnerability was found in Holded Application. It has been declared as problematic. This vulnerability affects the function Activities. The manipulation of the argument name/icon leads to cross site scripting. This vulnerability was named CVE-2025-1076. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Huawei HarmonyOS 5.0.0. It has been classified as problematic. This affects an unknown part of the component VPN Service Module. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-57962. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in Huawei HarmonyOS and EMUI and classified as critical. Affected by this issue is some unknown functionality of the component emcom Module. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2024-57961. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability has been found in Huawei HarmonyOS and EMUI and classified as problematic. Affected by this vulnerability is an unknown functionality of the component ExternalStorageProvider Module. The manipulation leads to improper input validation. This vulnerability is known as CVE-2024-57960. Attacking locally is a requirement. There is no exploit available.

A vulnerability, which was classified as critical, was found in Huawei HarmonyOS and EMUI. Affected is an unknown function of the component Display Module. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-57959. Local access is required to approach this attack. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Huawei HarmonyOS and EMUI. This issue affects some unknown processing of the component FFRT Module. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2024-57958. An attack has to be approached locally. There is no exploit available.

A vulnerability classified as problematic was found in Huawei HarmonyOS 5.0.0. This vulnerability affects unknown code of the component Media Library Module. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-57954. The attack needs to be approached locally. There is no exploit available.

A vulnerability classified as critical has been found in Huawei HarmonyOS 5.0.0. This affects an unknown part of the component UI Framework Module. The manipulation leads to violation of secure design principles. This vulnerability is uniquely identified as CVE-2024-57957. It is possible to launch the attack on the physical device. There is no exploit available.

A vulnerability was found in Huawei HarmonyOS 5.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Interpreter String Module. The manipulation leads to integer overflow to buffer overflow. This vulnerability is handled as CVE-2024-57956. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Huawei HarmonyOS 5.0.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Gallery Module. The manipulation leads to information disclosure. This vulnerability is known as CVE-2024-57955. Local access is required to approach this attack. There is no exploit available.

A vulnerability was found in Huawei HarmonyOS 5.0.0 and classified as problematic. This issue affects some unknown processing of the component ParamWatcher Module. The manipulation leads to channel accessible by non-endpoint. The identification of this vulnerability is CVE-2024-12602. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in Check Point Multi-Domain Security Management and Quantum Security Management R81 EOS/R81.10/R81.20. It has been classified as problematic. Affected is an unknown function of the component cpca Handler. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2024-24911. It is possible to launch the attack remotely. There is no exploit available.

For everyone who doesn’t already live in Spain, the annual Mobile World Congress (MWC) in Barcelona is a highly anticipated pilgrimage to a spectacular city where the best and brightest in the telecommunications industry come together for four memorable days and nights. As if visiting the sights, sounds, and specular...

北极地区暖化速度比地球其它地区更快。上周六挪威 Svalbard 群岛北部气温比 1991-2020 年的平均气温高出 18 摄氏度，接近冰融点的 0 摄氏度。上周日，气温超过平均水平 20 摄氏度，记录到的绝对气温为 0.5 摄氏度。北纬 87°以北的绝对气温也高于 -1 摄氏度。气象学家表示这是一次极端的冬季暖化事件。自 1979 年以来，北极暖化速度是全球平均水平的几乎四倍，极端高温天气变得越来越常见。汉堡大学气候科学家 Dirk Notz 表示，气温升至冰点以上尤其令人担忧，因为意味着冰的融化。他和同事在 2023 年发表的一项研究预测，北冰洋将在未来二十年内首次在夏季失去海冰覆盖。

Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline from $1.25 billion in 2023. The total amount extorted during the first half of 2024 stood at $459.8 million, blockchain intelligence firm Chainalysis said, adding payment activity slumped after July 2024 by about 3.94%. "The number of ransomware events increased into H2, but on-chain payments declined,