Aggregator

A vulnerability has been found in Ivanti EPM up to 2022 SU5/2024 and classified as critical. This vulnerability affects unknown code. The manipulation leads to sql injection. This vulnerability was named CVE-2024-32840. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

昆山杜克大学和扬州大学团队发现，中国农业碳排放在新冠三年期间呈增长趋势，其中甲烷排放占比最高超过 65%。家畜肠道发酵和水稻种植是主要的排放源。研究表明，2019 年中国农业的净温室气体排放量为 7.29 亿吨二氧化碳当量，到2021年增至 7.40 亿吨。疫情期间，畜牧业的变动是导致净温室气体排放变化的主要原因之一。由于新冠疫情对供应链的冲击和需求的减少，养猪业受到了显著影响，导致粪便管理的甲烷排放大幅增加。研究发现，从 2019 到 2021 年，猪粪管理的甲烷排放量增长了 26.3%。研究结果还显示，中国农业温室气体排放存在显著的区域差异，导致不同地区的净温室气体排放具有不同的区域特征。黑龙江、湖南、广东和四川是农业净温室气体排放量最高的地区，这些高排放区域主要集中在东北、中部、南部和西南地区的重要农业区。相反，西部和中部欠发达的农业地区净排放相对较低。湖南省因其广泛的水稻种植面积，成为甲烷排放量最高的地区。猪粪管理对甲烷排放的显著贡献也反映了生猪产业规模对区域碳排放的影响。

京东SRC携华为PSIRT、度小满SRC、vivoSRC与你共度中秋，9.14~9.28 京东SRC三倍奖励来袭！

A vulnerability, which was classified as problematic, was found in Ivanti EPM up to 2022 SU5/2024. This affects an unknown part of the component Provisioning Web Service. The manipulation leads to xml external entity reference. This vulnerability is uniquely identified as CVE-2024-37397. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Earth Preta – новое лицо кибертерроризма в АТР.

A vulnerability, which was classified as very critical, has been found in Ivanti EPM up to 2022 SU5/2024. Affected by this issue is some unknown functionality of the component Agent Portal. The manipulation leads to deserialization. This vulnerability is handled as CVE-2024-29847. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Отчет Spotlight: британское «ФБР» нуждается в срочной помощи.

2024 年 9 月 10 日，微软官方发布了 9 月安全更新，针对共 79 个 CVE 进行修复，涉及多个 Windows 主流版本及多款主流产品和组件，请及时安装补丁修复。

Ivanti fixed a maximum severity flaw in its Endpoint Management software (EPM) that can let attackers achieve remote code execution on the core server Ivanti Endpoint Management (EPM) software is a comprehensive solution designed to help organizations manage and secure their endpoint devices across various platforms, including Windows, macOS, Chrome OS, and IoT systems. The […]

Submit #406233 / VDB-277148

A vulnerability classified as critical was found in nik00726 Video Carousel Slider with Lightbox Plugin up to 1.0.6 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation of the argument id leads to sql injection. This vulnerability is known as CVE-2019-25212. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in villatheme WooCommerce Photo Reviews Premium Plugin up to 1.3.13.2 on WordPress. Affected is the function login. The manipulation leads to authentication bypass using alternate channel. This vulnerability is traded as CVE-2024-8277. It is possible to launch the attack remotely. There is no exploit available.

The Information Commissioner’s Office and National Crime Agency have cemented ties with a memorandum of understanding

Корабль с первопроходцами поднимется выше 1400 км впервые за 50 лет.

AI 将在可预见的未来深刻影响软件开发行业。

CVSS评分10分

速修复

Sandfly is offering free licenses for incident response teams. You can get your free license here:Fr

​锦行科技入选《2024年中国网络安全市场100强》！

A vulnerability was found in wpdelicious WP Delicious Plugin up to 1.6.9 on WordPress. It has been rated as critical. This issue affects the function save_edit_profile_details of the file wp-config.php of the component Path Validation Handler. The manipulation leads to file inclusion. The identification of this vulnerability is CVE-2024-7626. The attack may be initiated remotely. There is no exploit available.