Aggregator

1999 年 Jorge Arellano Cid 领导的一组开发者创建了 Gzilla/Armadillo 的分支，开始开发今天被称为 Dillo 的浏览器。2024 年 12 月是 D

1999 年 Jorge Arellano Cid 领导的一组开发者创建了 Gzilla/Armadillo 的分支，开始开发今天被称为 Dillo 的浏览器。2024 年 12 月是 Dillo 诞生 25 周年。Jorge 从 1999-2019 年一直领导着 Dillo 项目，但此后他就销声匿迹，状况未知。该项目目前由 Rodrigo Arias Mallo 重启。Dillo 是一种极简的浏览器，被 Damn Small Linux 等极简发行版使用。它最初使用 GTK 作为其 UI 库，后来切换到 FLTK 2。Jorge 在 2019 年发送了最后一封邮件，2022 年 dillo.org 的域名丢失，网站、邮件列表、库和邮件服务器都消失了。Rodrigo 在 2023 年重启了项目，并设法发布了 Dillo 3.1 版本。

This year, a Serbian journalist and an activist had their phones hacked by local authorities using

The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia's Federal Security Service (FSB) that involves recruiting Ukrainian minors for criminal activities under the guise of "quest games." Law enforcement officials said that it detained two FSB agent groups following a special operation in Kharkiv. These groups, per the agency,

Cyber Attack / Cyber EspionageThe Security Service of Ukraine (SBU or SSU) has exposed a novel esp

A vulnerability was found in Squid Proxy up to 2.4/2.5/2.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component DNS Response Handler. The manipulation leads to memory corruption. This vulnerability is known as CVE-2002-0163. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Logpoint up to 7.4.x. It has been classified as critical. Affected is an unknown function of the component Search Template Dashboard. The manipulation leads to injection. This vulnerability is traded as CVE-2024-56087. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Logpoint up to 7.4.x and classified as critical. This issue affects some unknown processing of the component Search Template Dashboard. The manipulation leads to injection. The identification of this vulnerability is CVE-2024-56085. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Logpoint up to 7.4.x and classified as critical. This vulnerability affects unknown code of the component Report Template Handler. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-56086. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Logpoint UniversalNormalizer up to 5.6.x. This affects an unknown part. The manipulation leads to Remote Code Execution. This vulnerability is uniquely identified as CVE-2024-56084. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

议题PPT可在先知社区官网查看～

12月14日，阿里云「先知」灯塔系列城市沙龙第七站在上海圆满落地，本次沙龙由阿里云先知、阿里安全响应中心、华东师范大学软件工程学院联合举办。现场汇聚了来自华东师范大学、复旦大学、同济大学、上海交通大学

Популярная площадка стала ареной битвы за данные.

A vulnerability, which was classified as problematic, has been found in CyberPanel. Affected by this issue is some unknown functionality of the file plogical/phpmyadminsignin.php. The manipulation of the argument token/username leads to cross site scripting. This vulnerability is handled as CVE-2024-56112. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as critical was found in zephyrproject-rtos Zephyr up to 3.7. Affected by this vulnerability is the function olcp_ind_handler of the file zephyr/subsys/bluetooth/services/ots/ots_client.c. The manipulation leads to heap-based buffer overflow. This vulnerability is known as CVE-2024-8798. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in theeventscalendar The Events Calendar Plugin up to 6.8.2.0 on WordPress. Affected is an unknown function of the component REST API. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-5333. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Giving Tithe.ly Giving Button Plugin up to 1.1 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the component Shortcode Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-11841. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 17.4.5/17.5.3/17.6.1. It has been declared as problematic. This vulnerability affects unknown code of the component Public Project Handler. The manipulation leads to incorrect authorization. This vulnerability was named CVE-2024-8650. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 17.4.5/17.5.3/17.6.1. It has been classified as problematic. This affects an unknown part of the component GraphQL Query Handler. The manipulation leads to incorrect authorization. This vulnerability is uniquely identified as CVE-2024-8116. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.