Aggregator
CVE-2024-8655 | Mercury MNVR816 up to 2.0.1.0.5 /web-static/ file access
9 months ago
A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as problematic. This affects an unknown part of the file /web-static/. The manipulation leads to files or directories accessible.
This vulnerability is uniquely identified as CVE-2024-8655. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
It is recommended to apply restrictive firewalling.
vuldb.com
CVE-2024-8232 | iniNet Solutions SpiderControl SCADA Web Server up to 2.09 File unrestricted upload (icsa-24-254-02)
9 months ago
A vulnerability, which was classified as critical, has been found in iniNet Solutions SpiderControl SCADA Web Server up to 2.09. Affected by this issue is some unknown functionality of the component File Handler. The manipulation leads to unrestricted upload.
This vulnerability is handled as CVE-2024-8232. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-44105 | Ivanti Workspace Control up to 10.18.50.0 Management Console cleartext transmission
9 months ago
A vulnerability was found in Ivanti Workspace Control up to 10.18.50.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Management Console. The manipulation leads to cleartext transmission of sensitive information.
This vulnerability is handled as CVE-2024-44105. The attack needs to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-44104 | Ivanti Workspace Control up to 10.18.50.0 Management Console authentication spoofing
9 months ago
A vulnerability classified as critical has been found in Ivanti Workspace Control up to 10.18.50.0. This affects an unknown part of the component Management Console. The manipulation leads to authentication bypass by spoofing.
This vulnerability is uniquely identified as CVE-2024-44104. An attack has to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-44106 | Ivanti Workspace Control up to 10.18.50.0 Management Console client-side enforcement of server-side security
9 months ago
A vulnerability has been found in Ivanti Workspace Control up to 10.18.50.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Management Console. The manipulation leads to client-side enforcement of server-side security.
This vulnerability is known as CVE-2024-44106. The attack needs to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-44103 | Ivanti Workspace Control up to 10.18.50.0 Management Console untrusted search path
9 months ago
A vulnerability was found in Ivanti Workspace Control up to 10.18.50.0 and classified as critical. Affected by this issue is some unknown functionality of the component Management Console. The manipulation leads to untrusted search path.
This vulnerability is handled as CVE-2024-44103. An attack has to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-8504 | Vicidial 2.14-917a os command injection
9 months ago
A vulnerability was found in Vicidial 2.14-917a. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to os command injection.
This vulnerability was named CVE-2024-8504. Access to the local network is required for this attack to succeed. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-43040 | Renwoxing Enterprise Intelligent Management System up to 2.x /fx/baseinfo/SearchInfo parid sql injection
9 months ago
A vulnerability was found in Renwoxing Enterprise Intelligent Management System up to 2.x and classified as critical. Affected by this issue is some unknown functionality of the file /fx/baseinfo/SearchInfo. The manipulation of the argument parid leads to sql injection.
This vulnerability is handled as CVE-2024-43040. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-8503 | Vicidial 2.14-917a sql injection
9 months ago
A vulnerability was found in Vicidial 2.14-917a. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to sql injection.
The identification of this vulnerability is CVE-2024-8503. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Adobe Patch Tuesday security updates fixed multiple critical issues in the company’s products
9 months ago
Adobe addressed tens of vulnerabilities, including critical issues that could allow attackers to execute arbitrary code on Windows and macOS. Adobe Patch Tuesday security updates addressed multiple vulnerabilities in its products, including critical flaws that could allow attackers to execute arbitrary code on Windows and macOS systems. The most severe vulnerabilities are two critical memory […]
Pierluigi Paganini
To push customized ads, Ford's new patent proposes extensive collection of driver data
9 months ago
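A technology for which Ford has newly filed a patent application collects driver data extensively, including in-car conversations, for the purpose of pushing customized in-vehicle ads.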
CVE-2024-27367 | Samsung Exynos W930 slsi_rx_scan_ind integer overflow
9 months ago
A vulnerability, which was classified as problematic, has been found in Samsung Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920 and Exynos W930. Affected by this issue is the function slsi_rx_scan_ind. The manipulation leads to integer overflow.
This vulnerability is handled as CVE-2024-27367. Attacking locally is a requirement. There is no exploit available.
vuldb.com
CVE-2024-27366 | Samsung Exynos W930 slsi_rx_scan_done_ind heap-based overflow
9 months ago
A vulnerability, which was classified as problematic, was found in Samsung Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920 and Exynos W930. This affects the function slsi_rx_scan_done_ind. The manipulation leads to heap-based buffer overflow.
This vulnerability is uniquely identified as CVE-2024-27366. It is possible to launch the attack on the local host. There is no exploit available.
vuldb.com
CVE-2024-27368 | Samsung Exynos W930 slsi_rx_received_frame_ind heap-based overflow
9 months ago
A vulnerability has been found in Samsung Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920 and Exynos W930 and classified as problematic. This vulnerability affects the function slsi_rx_received_frame_ind. The manipulation leads to heap-based buffer overflow.
This vulnerability was named CVE-2024-27368. The attack needs to be approached locally. There is no exploit available.
vuldb.com
CVE-2024-27383 | Samsung Exynos 1330 slsi_get_scan_extra_ies heap-based overflow
9 months ago
A vulnerability was found in Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 and Exynos 1330 and classified as critical. This issue affects the function slsi_get_scan_extra_ies. The manipulation leads to heap-based buffer overflow.
The identification of this vulnerability is CVE-2024-27383. An attack has to be approached locally. There is no exploit available.
vuldb.com
CVE-2024-27387 | Samsung Exynos 1330 slsi_rx_range_done_ind heap-based overflow
9 months ago
A vulnerability was found in Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 and Exynos 1330. It has been classified as critical. Affected is the function slsi_rx_range_done_ind. The manipulation leads to heap-based buffer overflow.
This vulnerability is traded as CVE-2024-27387. Local access is required to approach this attack. There is no exploit available.
vuldb.com
CVE-2023-37234 | Loftware Spectrum up to 4.6 JMX Registry access control
9 months ago
A vulnerability was found in Loftware Spectrum up to 4.6. It has been classified as critical. This affects an unknown part of the component JMX Registry Handler. The manipulation leads to improper access controls.
This vulnerability is uniquely identified as CVE-2023-37234. The attack can only be initiated within the local network. There is no exploit available.
vuldb.com
First lesson canceled: cybercriminals halted the work of 34 schools
9 months ago
How educational institutions become an easy target for hackers.
Solving the mystery of Mars's vanished water
9 months ago
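From the geomorphological features of Mars it can be inferred that Mars was once a very wet planet. Scientists know that over the past 3 billion years at least some of the water went deep underground, but where did the rest go? Combining data from the Hubble Space Telescope and the Mars Atmosphere and Volatile Evolution (MAVEN) probe, astronomers have reached a new conclusion: water on Mars had two main destinations. Some froze underground, and some was broken down from water molecules into atoms that escaped from the top of the atmosphere into space. However, because the physical mechanisms of these atomic escape processes remain uncertain, the original amount of water on Mars cannot be accurately estimated. It is currently thought that gaseous water in the Martian atmosphere comes from the sublimation of solid water in the polar ice caps. These water molecules are split into hydrogen and oxygen atoms after exposure to ultraviolet light in the atmosphere. Because deuterium (an isotope of hydrogen with one neutron) has twice the mass of ordinary hydrogen, it escapes to space much more slowly than ordinary hydrogen. Over time, the ratio of deuterium to hydrogen in the Martian atmosphere has gradually increased. The latest observations show that the deuterium-to-hydrogen ratio in the Martian atmosphere is 5 to 8 times that of Earth's oceans. Assuming the deuterium-to-hydrogen ratio of Mars's original water was the same as Earth's, this indicates that part of the water on Mars was broken down into atoms and escaped to space.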