Submit #455074: Z-Blog Z-BlogPHP_1_7_3295 1_7_3295 Improper Neutralization of Alternate XSS Syntax [Duplicate]
Submit #455074 / VDB-117817
Aggregator
A week in security (December 9 – December 15)
8 months 4 weeks ago
CVE-2024-12644 | Chunghwa Telecom tbm-client up to 0.3.20 cross-site request forgery
8 months 4 weeks ago
A vulnerability was found in Chunghwa Telecom tbm-client up to 0.3.20 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery.
This vulnerability is handled as CVE-2024-12644. The attack may be launched remotely. There is no exploit available.
vuldb.com
绿盟科技作为联合牵头单位参与的《金融行业云原生安全体系研究》获得2024年度优秀课题荣誉
8 months 4 weeks ago
云原生安全领域再获成果
绿盟科技作为联合牵头单位参与的《金融行业云原生安全体系研究》获得2024年度优秀课题荣誉
8 months 4 weeks ago
近日,由绿盟科技联合牵头参与的《金融行业云原生安全体系研究》报告,获得了北京金融科技产业联盟金融数字化转型工作专委会的认可,并被授2024年度优秀课题的荣誉,该课题的目标是推动云原生安全技术在
CVE-2024-12645 | Chunghwa Telecom topm-client up to 0.3.17 API cross-site request forgery
8 months 4 weeks ago
A vulnerability has been found in Chunghwa Telecom topm-client up to 0.3.17 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component API. The manipulation leads to cross-site request forgery.
This vulnerability is known as CVE-2024-12645. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-9679 | Trellix DLP Extension 11.11.1.3 hard-coded key
8 months 4 weeks ago
A vulnerability, which was classified as problematic, was found in Trellix DLP Extension 11.11.1.3. Affected is an unknown function. The manipulation leads to use of hard-coded cryptographic key
.
This vulnerability is traded as CVE-2024-9679. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-12646 | Chunghwa Telecom topm-client up to 0.3.17 API cross-site request forgery
8 months 4 weeks ago
A vulnerability, which was classified as problematic, has been found in Chunghwa Telecom topm-client up to 0.3.17. This issue affects some unknown processing of the component API. The manipulation leads to cross-site request forgery.
The identification of this vulnerability is CVE-2024-12646. The attack may be initiated remotely. There is no exploit available.
vuldb.com
Суцкевер о будущем ИИ: конец больших данных, начало рассуждений
8 months 4 weeks ago
Как эволюционирует ИИ, когда человеческий контент станет дефицитом.
为何深度睡眠有助于加深记忆
8 months 4 weeks ago
永久记忆是如何形成的?专家认为,睡觉时我们大脑会回放当天发生的事情,将信息从短期记忆区域海马体转移到位于大脑新皮层的长期记忆区域。“慢波”在这个过程中尤为关键。研究小组研究了 45 名接受过神经外科手术治疗癫痫或脑肿瘤的患者的完整的新皮层组织样本,在组织中模拟了深度睡眠时慢脑电波的典型电压波动,然后测量了神经细胞的反应。他们发现,在电压波动期间,新皮层神经元之间的突触连接在一个非常特定的时间点上得到最大程度的增强。慢波使长期记忆所在的新皮层特别容易接受信息。这一发现可能有助于优化旨在从外部支持记忆形成的治疗方法。
为何深度睡眠有助于加深记忆
8 months 4 weeks ago
永久记忆是如何形成的?专家认为,睡觉时我们大脑会回放当天发生的事情,将信息从短期记忆区域海马体转移到位于大脑新皮层的长期记忆区域。“慢波”在这个过程中尤为关键。研究小组研究了 45 名接受
21 天微笑挑战
8 months 4 weeks ago
You are your habit. 悄悄(敲敲)成为更好的自己
21 天微笑挑战
8 months 4 weeks ago
发起一个很简单的小挑战:连续打卡 21 天。30 天里,可以只是打卡“给自己一个微笑”——我的感受是,每天对着镜子,或者拿出手机,打开摄像头的自拍模式,微笑一下,嘴角上扬的那一瞬间,都会很愉悦。我也不
CERT-AGID 6 – 13 dicembre: 416.000 record diffusi online
8 months 4 weeks ago
/r/ReverseEngineering's Weekly Questions Thread
8 months 4 weeks ago
【直播预告】数智时代的密码基石,号卡与网络身份安全 专题分享会
8 months 4 weeks ago
【直播预告】数智时代的密码基石,号卡与网络身份安全 专题分享会
研究显示:平均每个软件容器中发现600多个漏洞
8 months 4 weeks ago
NetRise 的研究显示,7.9%的漏洞存在时间超过五年,4.2%的关键和高危漏洞被归类为“武器化”漏洞,并在实际攻击中被积极利用。
【直播预告】数智时代的密码基石,号卡与网络身份安全 专题分享会
8 months 4 weeks ago
在量子加密、国密算法等前沿科技引领的数字时代,安全成为数智时代发展的基石与保障。为深化数字安全认知,推动行业协同发展,中移互联网将举办【数智时代的密码基石,号卡与网络身份安全】专题分享会。本次大会特邀
研究显示:平均每个软件容器中发现600多个漏洞
8 months 4 weeks ago
根据NetRise的最新研究,平均每个软件容器的底层组件中存在604个已知漏洞,其中45%以上的漏洞存在2至10多年,7.9%的漏洞存在5年以上,而4.2%被认为是“关键”或“高”的漏洞还被归类为“武
SecurityLab исполнилось 22 года
8 months 4 weeks ago
В честь дня рождения — розыгрыш мощной игровой консоли Xbox Series X 1 ТБ.