【漏洞通告】Apache Solr 认证绕过漏洞(CVE-2024-45216)
2024年10月30日,深瞳漏洞实验室监测到一则Apache-Solr组件存在身份认证绕过漏洞的信息,漏洞编号:CVE-2024-45216,漏洞威胁等级:严重。
Aggregator
spirits is Allegedly Selling a Vulnerability Leak of Union Nepal Services (UNS) Website
1 year 1 month ago
spirits is Allegedly Selling a Vulnerability Leak of Union Nepal Services (UNS) Website
Dark Web Informer
A Threat Actor is Allegedly Selling Data of AlphaByte
1 year 1 month ago
A Threat Actor is Allegedly Selling Data of AlphaByte
Dark Web Informer
这个已存在18年的提权漏洞影响 X.Org 服务器
1 year 1 month ago
已修复
研究员在开源AI和ML模型中发现30多个漏洞
1 year 1 month ago
速修复
CVE-2024-2630 | Google Chrome up to 122.0.6261.128 on iOS Privilege Escalation (ID 41481)
1 year 1 month ago
A vulnerability was found in Google Chrome on iOS. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to Privilege Escalation.
The identification of this vulnerability is CVE-2024-2630. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-31064 | Insurance Mangement System up to 1.0.0 First Name cross site scripting
1 year 1 month ago
A vulnerability was found in Insurance Mangement System up to 1.0.0 and classified as problematic. This issue affects some unknown processing. The manipulation of the argument First Name leads to cross site scripting.
The identification of this vulnerability is CVE-2024-31064. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2022-48638 | Linux Kernel up to 5.15.71/5.19.11/6.0 cgroup_get_from_id denial of service (8484a356cee8/1e9571887f97/df02452f3df0 / Nessus ID 207693)
1 year 1 month ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.15.71/5.19.11/6.0. Affected by this issue is the function cgroup_get_from_id. The manipulation leads to denial of service.
This vulnerability is handled as CVE-2022-48638. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
ServiceNow security advisory (AV24-624)
1 year 1 month ago
Canadian Centre for Cyber Security
议题征集|“智效融合,安全护航”第七期「度安讲」 技术沙龙议题报名!
1 year 1 month ago
【内含福利】第七期「度安讲」技术沙龙议题征集!
Confucius组织利用ADS隐藏技术的攻击活动分析
1 year 1 month ago
Confucius组织在本次攻击行动中使用了ADS(Alternate Data Streams)特性来隐藏恶意文件,这种技术在之前该组织的攻击活动中未出现过。鉴于此,我们将重点披露该组织使用ADS加载恶意组件的整个流程
苹果悬赏百万美元查找“苹果智能”安全漏洞
1 year 1 month ago
开源情报显威!利用社交APP实时跟踪美俄法等国总统行踪
1 year 1 month ago
官方称不存在风险
QNAP patches second zero-day exploited at Pwn2Own to get root
1 year 1 month ago
QNAP has fixed a second zero-day vulnerability exploited at the Pwn2Own Ireland 2024 hacking contest to gain a root shell and take over a TS-464 NAS device. [...]
Sergiu Gatlan
资料下载 | 江西“数据要素×”、自治区数据要素市场化配置改革、网络安全产业分析报告、车路云一体化...
1 year 1 month ago
·政策
《江西省“数据要素×”三年行动实施方案(2024-2026年)》
《自治区数据要素市场化配置改革实施意见(征求意见稿)》
·报告
《中国网络安全产业分析报告(2024年)》
《车路云一体化系统建设与应用指南》
会议观察:“可观测性+应用安全”正在加速融合
1 year 1 month ago
从可观测性与应用安全技术研讨会上了解基调听云最新技术实践。
CVE-2004-1540 | ZyXEL ZyNOS 3.40/Is.3/Is.5 Configuration File rpfwupload.html denial of service (EDB-24760 / Nessus ID 15781)
1 year 1 month ago
A vulnerability was found in ZyXEL ZyNOS 3.40/Is.3/Is.5. It has been declared as problematic. This vulnerability affects unknown code of the file rpfwupload.html of the component Configuration File. The manipulation leads to denial of service.
This vulnerability was named CVE-2004-1540. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
A Threat Actor Allegedly Leaked Databases of KVacDoor
1 year 1 month ago
A Threat Actor Allegedly Leaked Databases of KVacDoor
Dark Web Informer
Тест Толкина против Тьюринга: Может ли ИИ создать свой Средиземье?
1 year 1 month ago
Почему технология не может конкурировать с человеческим творчеством.
《政务大模型安全治理框架》: 揭示七大安全风险、提供治理路径
1 year 1 month ago
奇安信集团发布首个《政务大模型安全治理框架》