Aggregator

PHILADELPHIA, Pennsylvania, January 7th, 2025/CyberNewsWire/--Security Risk Advisors today announced

A vulnerability, which was classified as critical, has been found in KaiYuanTong ECT Platform up to 2.0.0. Affected by this issue is some unknown functionality of the file /public/server/runCode.php of the component HTTP POST Request Handler. The manipulation of the argument code leads to command injection. This vulnerability is handled as CVE-2025-0328. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as problematic was found in langhsu Mblog Blog System 3.5.0. Affected by this vulnerability is an unknown functionality of the file /search of the component Search Bar. The manipulation of the argument kw leads to cross site scripting. This vulnerability is known as CVE-2024-13199. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. This vulnerability is traded as CVE-2024-13198. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #470601 / VDB-290792

Submit #470430 / VDB-290791

Submit #470429 / VDB-290790

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been rated as problematic. This issue affects the function updateUser of the file src/main/Java/org/zdd/bookstore/web/controller/admin/AdminUserControlle.java. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-13197. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been declared as problematic. This vulnerability affects the function BookSearchList of the file src/main/java/org/zdd/bookstore/web/controller/BookInfoController.java. The manipulation of the argument keywords leads to cross site scripting. This vulnerability was named CVE-2024-13196. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in donglight bookstore电商书城系统说明 1.0.0. It has been classified as critical. This affects the function getHtml of the file src/main/java/org/zdd/bookstore/rawl/HttpUtil.java. The manipulation of the argument url leads to server-side request forgery. This vulnerability is uniquely identified as CVE-2024-13195. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

根据英国和中国老龄化纵向研究，如今的老年人在身体和心理功能上都比同龄的前几代人要好。1950 年出生的 68 岁老人与 10 年前出生的 62 岁老人的能力相似，1940年出生的人的功能比 1930 年或 1920 年出生的人更好。研究人员认为教育、营养和卫生条件的改善可能起到了关键作用。医学上的进步——比如关节置换和对慢性疾病更好的治疗——也可能是促成因素。研究人员警告说，他们的观察是针对特定时期和单个国家的。同样的趋势可能在美国没有出现，或者在整个人口中没有出现。

Submit #469772 / VDB-290789

Submit #469771 / VDB-290788

Submit #469689 / VDB-290787

Red Canary parses through 6 billion telemetry records per day to detect threats in our customers’ cloud environments. Here’s how we do it.

A step-by-step guide to building a framework for ingesting billions of cloud telemetry records to detect and respond to cyber threats

CDN 服务商 Akamai 已通知客户将终止在中国的 CDN 服务。Akamai 称，在华 CDN 服务将于 2026 年 6 月 30 日停止，客户如果不采取任何行动那么将会转移到中国

CDN 服务商 Akamai 已通知客户将终止在中国的 CDN 服务。Akamai 称，在华 CDN 服务将于 2026 年 6 月 30 日停止，客户如果不采取任何行动那么将会转移到中国境外的 Akamai CDN，或者它们可以迁移到其在中国的 CDN 合作伙伴腾讯云和网宿科技。为了保持服务不会中断，客户必须在 2026 年 6 月 30 日之前完成迁移。Akamai 没有解释原因，它表示仍然致力于中国市场，是在华外企便于使用的供应商。