Aggregator

1月17日，中国互联网络信息中心在京发布第55次《中国互联网络发展状况统计报告》。

近日，中国信息通信研究院正式发布《全球数字经济发展研究报告（2024年）》。

北京市人大代表、天融信科技集团董事长李雪莹聚焦数字经济安全领域，今年带来了强化北京数字经济安全保障体系的系列建议。

2024年12月18日，国家互联网应急中心发布公告，发现处置两起美对我大型科技企业机构网络攻击事件。本报告将公布对其中我国某先进材料设计研究院的网络攻击详情，为全球相关国家、单位有效发现和防范美网络攻击行为提供借鉴。

2024年12月18日，国家互联网应急中心发布公告，发现处置两起美对我大型科技企业机构网络攻击事件。本报告将公布对其中我国某智慧能源和数字信息大型高科技企业的网络攻击详情，为全球相关国家、单位有效发现和防范美网络攻击行为提供借鉴。

近期，四部门联合印发《促进数据标注产业高质量发展的实施意见》，系统布局我国数据标注产业发展方向，以需求牵引与创新驱动双向发力，加快完善产业生态，推动数据标注产业全链条创新升级，为数据标注产业高质量发展指明前进方向。

1月16日，拜登政府发布任期最后一份“网络安全行政令”，继续强化软件供应链安全，筑牢联邦信息系统安全，加强联邦通信安全等相关措施，并推动后量子密码过渡，利用人工智能提升网络防御能力，改善云服务安全，意图为下任政府提供“网络安全工具箱”。

文末有福利哦🎉

文末有福利哦🎉

A vulnerability has been found in Fuji Electric Alpha5 and classified as critical. Affected by this vulnerability is an unknown functionality of the component C5V File Parser. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2024-34579. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Fuji Electric Alpha5 and classified as critical. Affected by this issue is some unknown functionality of the component C5V File Parser. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2024-34579. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Microsoft Windows up to Server 2025. It has been rated as critical. This issue affects some unknown processing of the component Secure Kernel Mode. The manipulation leads to incorrect permission assignment. The identification of this vulnerability is CVE-2025-21325. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Zenitel AlphaWeb XE 11.2.3.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file amc_uploads.php. The manipulation leads to file inclusion. This vulnerability is known as CVE-2024-57785. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability classified as critical was found in Zenitel AlphaWeb XE 11.2.3.10. This vulnerability affects unknown code of the file /php/script_uploads.php. The manipulation leads to path traversal. This vulnerability was named CVE-2024-57784. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability has been found in librenms up to 24.11.x and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /device/$DEVICE_ID/edit. The manipulation of the argument display leads to cross site scripting. This vulnerability is known as CVE-2024-56144. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in librenms up to 24.10.x and classified as problematic. Affected by this issue is some unknown functionality of the file /device/$DEVICE_ID/edit. The manipulation of the argument display leads to cross site scripting. This vulnerability is handled as CVE-2025-23198. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in themesebrand Chatvia 5.3.2. It has been classified as critical. This affects an unknown part of the component User Profile Handler. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2024-40513. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in themesebrand Chatvia 5.3.2. It has been declared as critical. This vulnerability affects unknown code. The manipulation of the argument User profile name leads to permission issues. This vulnerability was named CVE-2024-40514. The attack can be initiated remotely. There is no exploit available.