Aggregator

移动端安全 windows笔记本操作iphone探索

Anti-virtualization（附CVE-2024-37081漏洞解析）

记某app使用autodecoder插件绕过加密数据包+重放防护

深度学习后门攻击演进趋势与先进技术分析

tcache bin中mp_结构体利用

2024强网杯WP（部分）

Pointer Overflow CTF - 2024 RE全WP

2024 强网杯 Crypto wp

2024 强网杯 谍影重重5.0 超详解

2024GCTF PWN全题超详解

蓝凌EKP V16 未授权SQL注入漏洞分析

2024 网鼎杯玄武组部分wp

A vulnerability classified as problematic has been found in bdthemes Prime Slider Plugin up to 3.15.18 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-8442. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in OpenWRT 18.06/19.07/21.02/22.03. It has been classified as problematic. Affected is an unknown function of the component TCP Handler. The manipulation leads to denial of service. This vulnerability is traded as CVE-2023-30312. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Zoho ManageEngine EndPoint Central up to 11.3.2416.21/11.3.2428.9. Affected by this vulnerability is an unknown functionality of the component Agent. The manipulation leads to improper privilege management. This vulnerability is known as CVE-2024-10203. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Freedesktop Mesa 23.0.4. Affected by this vulnerability is the function dri2GetGlxDrawableFromXDrawableId. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2023-45913. The attack needs to be approached within the local network. There is no exploit available.

中国科学技术大学的研究人员利用激光冷原子方法制备成基于自旋的薛定谔猫态，其寿命达到分钟量级，有助于提升对自旋进动相位的测量灵敏度。相关成果发表在《自然·光子学》上。研究团队成功实现了一种具有超长相干时间的薛定谔猫态。研究人员利用光晶格囚禁自旋为5/2的镱-173原子，通过控制激光脉冲对原子诱导非线性光频移，制备出由自旋投影为+5/2与-5/2两个态组成的叠加态。由于这两个态的磁量子数相距最远，所以它们的叠加态被称为薛定谔猫态。这种猫态具有增强的磁场灵敏性，同时在光晶格中感受到完全相同的光频移，处于“无消相干子空间”中，从而对光晶格的强度噪声和光斑形貌变化具有天然的免疫性。实验结果表明，该猫态的相干时间突破了20分钟。通过Ramsey干涉测量法，研究人员证实了接近海森堡极限的相位测量灵敏度。

加政府基于对TikTok的详细审查，结合安全和情报部门以及其他政府机构的讨论，作出“封禁”决定。

A vulnerability classified as very critical was found in jq. This vulnerability affects the function tokenadd of the file jv_parse.c of the component JSON Encoded Number Handler. The manipulation leads to memory corruption. This vulnerability was named CVE-2015-8863. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.