Aggregator

Обезьяны из зоопарка Пейнтон проверили известную теорему на практике.

Cybersecurity startup Knostic, a finalist in this year's Black Hat USA Startup Spotlight competition, adds guardrails to how AI uses enterprise data to ensure sensitive data doesn't get leaked.

Cybersecurity startup LeakSignal, a finalist in this year's Black Hat USA Startup Spotlight competition, helps organizations see where data is leaking within their environments.

触屏交互设备的安全风险 by 洞源实验室

更多最新文章，请访问SecWiki

科学家发现，一种双重作用抗生素将细菌产生耐药性的难度增加了 1 亿倍。被称为 Macrolones 的合成药能以两种不同的方式起效：其一是干扰蛋白质生产，其二是破坏 DNA 结构。由于细菌需要同时抵御两种攻击方式，它们几乎不太可能发展出耐药性。Macrolones 是一种合成抗生素，用不同的机制结合了两种广泛使用的抗生素的结构。大环内酯类（Macrolides）如红霉素可阻断核糖体——即细胞的蛋白质制造工厂；氟喹诺酮（Fluoroquinolones）如环丙沙星，靶向了被称为 DNA 促旋酶的细菌特定酶。

A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been rated as critical. Affected by this issue is the function save_settings of the file admin/admin_class.php. The manipulation of the argument img leads to unrestricted upload. This vulnerability is handled as CVE-2024-7500. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file flights.php. The manipulation of the argument departure_airport_id leads to sql injection. This vulnerability is known as CVE-2024-7499. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in itsourcecode Airline Reservation System 1.0. It has been classified as critical. Affected is the function login/login2 of the file /admin/login.php of the component Admin Login Page. The manipulation of the argument username leads to sql injection. This vulnerability is traded as CVE-2024-7498. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in itsourcecode Airline Reservation System 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument page leads to file inclusion. The identification of this vulnerability is CVE-2024-7497. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in itsourcecode Airline Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument page leads to file inclusion. This vulnerability was named CVE-2024-7496. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in itsourcecode Laravel Accounting System 1.0. This affects an unknown part of the file app/Http/Controllers/HomeController.php. The manipulation of the argument image leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2024-7495. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in SourceCodester Clinics Patient Management System 1.0. Affected by this issue is some unknown functionality of the file /new_prescription.php. The manipulation of the argument patient leads to sql injection. This vulnerability is handled as CVE-2024-7494. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music and Snapdragon Wearables. Affected by this vulnerability is an unknown functionality of the component GPU Page Table Handler. The manipulation leads to memory corruption. This vulnerability is known as CVE-2024-33027. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables. Affected is an unknown function of the component GPU SMMU Mapping. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-33034. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables. It has been rated as critical. This issue affects some unknown processing of the component isync Fence Handler. The manipulation leads to use after free. The identification of this vulnerability is CVE-2024-33028. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wired Infrastructure and Networking. It has been declared as critical. This vulnerability affects unknown code of the component Response Frame Handler. The manipulation leads to buffer over-read. This vulnerability was named CVE-2024-33026. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables and Snapdragon Wired Infrastructure and Networking. It has been classified as critical. This affects an unknown part of the component BSD Parameter Handler. The manipulation leads to buffer over-read. This vulnerability is uniquely identified as CVE-2024-33025. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables and Snapdragon Wired Infrastructure and Networking and classified as critical. Affected by this issue is some unknown functionality of the component ML IE Length Handler. The manipulation leads to integer overflow. This vulnerability is handled as CVE-2024-33024. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables and classified as critical. Affected by this vulnerability is an unknown functionality of the component Fence Handler. The manipulation leads to use after free. This vulnerability is known as CVE-2024-33023. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Qualcomm Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Wearables. Affected is an unknown function of the component HGSL Driver. The manipulation leads to integer overflow. This vulnerability is traded as CVE-2024-33022. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.