Aggregator

A vulnerability, which was classified as critical, has been found in Microsoft Edge. Affected by this issue is some unknown functionality of the component Scripting Engine. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2017-0131. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Microsoft Edge. This affects an unknown part of the component Scripting Engine. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2017-0132. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Microsoft Edge and classified as critical. This vulnerability affects unknown code of the component Scripting Engine. The manipulation leads to memory corruption. This vulnerability was named CVE-2017-0133. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Microsoft Lync for Mac 2011 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Certificate Validation Handler. The manipulation leads to improper certificate validation. This vulnerability is known as CVE-2017-0129. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in Microsoft Windows 7 SP1/Server 2008 R2 SP1/Server 2008 SP2/Vista SP2. Affected by this issue is some unknown functionality of the component Uniscribe. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2017-0127. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in Microsoft Windows 7 SP1/Server 2008 R2 SP1/Server 2008 SP2/Vista SP2. This affects an unknown part of the component Uniscribe. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2017-0128. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic was found in Microsoft Windows 7 SP1/Server 2008 R2 SP1/Server 2008 SP2/Vista SP2. Affected by this vulnerability is an unknown functionality of the component Uniscribe. The manipulation leads to information disclosure. This vulnerability is known as CVE-2017-0126. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

作者：Pedro Umbelino, Jake Olcott 译者：知道创宇404实验室翻译组 原文链接：https://www.bitsight.com/blog/aftermath-kaspersky-ban 在2024年春，全球对供应链风险的担忧日益加剧，对技术供应商的信任和可靠性问题也愈发凸显。在这样的背景下，美国对俄罗斯的杀毒软件巨头卡巴斯基实验室下了禁令，禁止其产品进入美国市场。...

error code: 521

EVENT   通用专项活动第六期-通用2.0、通用1.0-奖金加成卡、额外奖励金本期活动涵盖通用2.0及通用1.0漏洞奖励计划，为方便师傅们的理解，在此罗列两种计划区别。收录范围、奖金范围、

叠加奖励金，还有新年礼盒好礼相送~

主站 分类 漏洞 工具 极客

最新报告，曹县黑客在2024年通过47次网络攻击，窃取了价值13.4亿美元的加密货币。

本周，互联网网络安全态势整体评价为良。

本周网络安全基本态势本周，互联网网络安全态势整体评价为良。我国互联网基础设施运行整体平稳，全国范围或省级行政区域内未发生造成重大影响的基础设施运行安全事件。针对政府、企业以及广大互联网用户的主要安全威

Linux Process Injection This repository contains proof-of-concept implementations of various Linux process injection primitives. This code is meant to provide simple examples of injection techniques in action, allowing defenders to understand how they work...

The post Linux Process Injection: proof-of-concept implementations of various Linux process injection primitives appeared first on Penetration Testing Tools.

A vulnerability was found in Apple iOS up to 12.0.1. It has been classified as critical. Affected is an unknown function of the component FaceTime. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2018-4367. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

引言主要更新内容ATT&CK继续延续每年更新两个大版本的状态，今年迎来的ATT&CK 的第16个版本。笔者跟踪了这一年的ATT&CK的进展以及刚结束的ATT&CKcon 5.0中各个内容。提炼了主要的

笔者跟踪了这一年的ATT&CK的进展以及刚结束的ATT&CKcon 5.0中各个内容。提炼了主要的更新内容和主要的更新方向。

Fibratus Fibratus is a tool for exploration and tracing of the Windows kernel. It lets you trap system-wide events such as process life-cycle, file system I/O, registry modifications or network requests among many other observability signals. In a...

The post fibratus: exploration and tracing of the Windows kernel appeared first on Penetration Testing Tools.