Aggregator

A vulnerability has been found in Linux Kernel up to 5.10.102/5.15.25/5.16.11 and classified as critical. Affected by this vulnerability is the function generic_map_delete_batch of the component bpf. The manipulation leads to infinite loop. This vulnerability is known as CVE-2022-48939. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.2. It has been classified as problematic. Affected is an unknown function of the component RDMA. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-43872. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.6. It has been declared as critical. This vulnerability affects the function execution_buffer of the component vmwgfx. The manipulation leads to buffer overflow. This vulnerability was named CVE-2022-48887. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in GitLab Community Edition and Enterprise Edition up to 17.4.5/17.5.3/17.6.1. This affects an unknown part of the component Merge Request Handler. The manipulation leads to inefficient algorithmic complexity. This vulnerability is uniquely identified as CVE-2024-8233. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 17.4.5/17.5.3/17.6.1. It has been classified as problematic. This affects an unknown part of the component API Endpoint. The manipulation leads to open redirect. This vulnerability is uniquely identified as CVE-2024-9387. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 17.4.5/17.5.3/17.6.1. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-8179. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

印度国际象棋特级大师多曼拉朱·古凯什击败 2023 年世界冠军、中国棋手丁立人成为历史上最年轻的国际象棋世界冠军。2024 年国际象棋世界冠军赛在新加坡举办，比赛采用 14 局制，若打平则加赛决胜。18 岁的古凯什以 7½–6½ 获胜。32 岁的丁立人在获得世界冠军之后，有数个月时间没有参加职业比赛，他在后来的采访中透露是因为疲劳和抑郁，他在 2024 年 1 月重新参加比赛，表达了捍卫世界冠军头衔的意愿。这场比赛前，古凯什等级分 2783 高于丁立人的 2728。

Что случилось после обновления закона.

A Threat Actor Claims to have Leaked the Data of MYWEBSPORT

De toekomstig Zr.Ms. Den Helder was vandaag voor het eerst even bij Den Helder. Het nieuwe Combat Support Ship (CSS)  lag daar op de rede. Later op de dag voerde het schip met Zr.Ms. Friesland bij wijze van test de procedures uit om te bevoorraden op zee.

2024年度卫星互联网重点实验室（第二批）人工智能方向开放课题

A vulnerability, which was classified as problematic, was found in Apple macOS up to 13.2.1. Affected is an unknown function of the component ColorSync. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2023-27955. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

Galaxy Broadband Communications Inc Has Been Claimed a Victim to LYNX Ransomware

X0Frankenstein Allegedly Leaked the Data of Yalla Tager

CNNVD关于微软多个安全漏洞的通报

CNNVD关于Apache Struts安全漏洞的通报

As the dust settles on another hectic 12 months, business and IT leaders should enjoy a well-earned break. But not for long. The end of one year offers a fantastic vantage point from which to view the macro trends that may go on to shape the next. With this in mind, these are the five things we’ve learned about cybersecurity in 2024.

The post A Year in Data Security: Five Things We’ve Learned From 2024 appeared first on Security Boulevard.

A Threat Actor Claims to have Leaked the Data of SENATI

本月初被迫离开的前英特尔 CEO Pat Gelsinger 呼吁为这家陷入困境的公司员工祈祷和斋戒。Gelsinger 在 X 上发帖称，“每周四我会进行 24 小时的祈祷和禁食。本周我邀请您与我一起为 10 万名英特尔员工祈祷和禁食，帮助他们度过这一困难时期。英特尔及其团队对芯片行业和美国的未来至关重要。”Gelsinger 出生于基督教团体门诺派家庭。