Aggregator

少数派 2024 年度征文：记录过去的一年，为明年的创意添彩 时值新春，或许你还在回顾和重温过去一年的经历，或许你已经为践行新的年度目标迈出了最初的步伐。每年这个时候，少数派都会举行一场年度征文活动

浏览量: 918Cudy多酷TR3000是一款功能强大的便携旅行AX3000路由器，支持高速Wi-Fi 6技术，适合家庭和

2025-01-22期刊征文-暗网抑制前沿进展  ourren || discuss

今日暂未更新资讯~
更多最新文章，请访问SecWiki

A vulnerability classified as problematic was found in MediaWiki up to 1.4. This vulnerability affects the function outputPage. The manipulation of the argument uselang leads to cross site scripting. This vulnerability was named CVE-2012-2698. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in needyamin image_gallery 1.0. This vulnerability affects unknown code of the file /admin/gallery.php of the component Cover Image Handler. The manipulation of the argument image leads to unrestricted upload. This vulnerability was named CVE-2025-0722. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

流行减肥药 GLP-1RA 过去几年风靡世界，华盛顿大学团队分析了美国退伍军人事务部的数据，研究了 215970 名糖尿病患者使用 GLP-1RA 和 175 种健康结果的关系。与使用非

流行减肥药 GLP-1RA 过去几年风靡世界，华盛顿大学团队分析了美国退伍军人事务部的数据，研究了 215970 名糖尿病患者使用 GLP-1RA 和 175 种健康结果的关系。与使用非 GLP-1RA 抗高血糖药物的对照人群比较后发现，使用 GLP-1RA 的参与者发生凝血和心脏代谢疾病（如深静脉血栓、肺栓塞、中风、心脏骤停、心力衰竭和心肌梗死）的风险较低。他们还提出其他潜在有益效果，包括与较低的精神疾病、癫痫、细菌感染和肺炎风险等相关。同时他们也发现，使用 GLP-1RA 与胃肠道疾病（如恶心呕吐、憩室炎、胃炎和腹痛）以及低血压、晕厥和关节炎风险升高有关。他们强调，该发现是观察性的，不能表明因果关系，但这些发现有助于描述 GLP-1RA 的广泛健康影响。

A vulnerability classified as problematic has been found in needyamin image_gallery 1.0. This affects the function image_gallery of the file /view.php. The manipulation of the argument username leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-0721. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

Authors:(1) Mohammad Shushtari, Department of Mechanical and Mechatronics Engineering, University

Submit #482822 / VDB-293482

A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. It has been rated as problematic. Affected by this issue is the function removeExtraSlashes of the file /opt/MicroWorld/sbin/rtscanner of the component Folder Watch List Handler. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2025-0720. The attack needs to be approached locally. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #482812 / VDB-293481

A vulnerability was found in Apache Solr up to 9.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component FileSystemConfigSetService. The manipulation leads to improper authorization. This vulnerability is known as CVE-2025-24814. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in Apache Solr up to 9.7.0 on Windows. It has been classified as critical. Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is traded as CVE-2024-52012. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Submit #482371 / VDB-293480

A vulnerability has been found in Bfs.kilu Bigforum 4.5 and classified as critical. This vulnerability affects unknown code of the file profil.php. The manipulation of the argument id leads to sql injection. This vulnerability was named CVE-2010-0948. The attack can be initiated remotely. Furthermore, there is an exploit available.

登录 注册

在上月底举行的 38C3 混沌计算机俱乐部会议上，研究人员披露中欧地区的可更新能源设施使用未加密无线电信号接收命令向电网输送或切断电力。研究人员是在分析柏林路灯使用的无线电接收器时意外获得这一发现的，他们试图通过逆向工程无线电接收器去控制柏林全市的路灯去展示能从空中看到的特定模式，结果意外发现控制可更新能源设施的系统与控制路灯的系统相同。安装在路灯上的接收器也用于小型太阳能发电厂这一事实并不令他们感到惊讶，他们感到震惊的是其规模。研究人员估计，在特定条件下向发电设施发送一系列恶意信息足以摧毁整个欧洲电网。电网安全专家对此说法持怀疑态度。