Aggregator
CVE-2024-7453 | FastAdmin 1.5.0.20240328 Attachment Management Section 4 row[url]/row[imagewidth]/row[imageheight] cross site scripting
1 year 10 months ago
A vulnerability was found in FastAdmin 1.5.0.20240328. It has been declared as problematic. This vulnerability affects unknown code of the file /[admins_url].php/general/attachment/edit/ids/4?dialog=1 of the component Attachment Management Section. The manipulation of the argument row[url]/row[imagewidth]/row[imageheight] leads to cross site scripting.
This vulnerability was named CVE-2024-7453. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-7452 | itsourcecode Placement Management System 1.0 view_company.php id sql injection
1 year 10 months ago
A vulnerability was found in itsourcecode Placement Management System 1.0. It has been classified as critical. This affects an unknown part of the file view_company.php. The manipulation of the argument id leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-7452. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-7451 | itsourcecode Placement Management System 1.0 apply_now.php id sql injection
1 year 10 months ago
A vulnerability was found in itsourcecode Placement Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file apply_now.php. The manipulation of the argument id leads to sql injection.
This vulnerability is handled as CVE-2024-7451. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-7450 | itsourcecode Placement Management System 1.0 Image /resume_upload.php fileToUpload unrestricted upload
1 year 10 months ago
A vulnerability has been found in itsourcecode Placement Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /resume_upload.php of the component Image Handler. The manipulation of the argument fileToUpload leads to unrestricted upload.
This vulnerability is known as CVE-2024-7450. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-7449 | itsourcecode Placement Management System 1.0 login.php email sql injection
1 year 10 months ago
A vulnerability, which was classified as critical, was found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument email leads to sql injection.
This vulnerability is traded as CVE-2024-7449. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
VDB-273539 | FFmpeg 402d98c9d467dff6931d906ebb732b9a00334e0b jpegxl_anim_dec.c jpegxl_collect_codestream_header use after free
1 year 10 months ago
A vulnerability, which was classified as problematic, has been found in FFmpeg 402d98c9d467dff6931d906ebb732b9a00334e0b. This issue affects the function jpegxl_collect_codestream_header of the file FFmpeg/libavformat/jpegxl_anim_dec.c. The manipulation leads to use after free.
The attack may be initiated remotely. Furthermore, there is an exploit available.
Affects random checkout which is not eligible for a CVE assignment according to MITRE definitions.
vuldb.com
VDB-273538 | FFmpeg 402d98c9d467dff6931d906ebb732b9a00334e0b get_bits.h get_bits_long stack-based overflow
1 year 10 months ago
A vulnerability classified as critical was found in FFmpeg 402d98c9d467dff6931d906ebb732b9a00334e0b. This vulnerability affects the function get_bits_long in the library FFmpeg/libavcodec/get_bits.h. The manipulation leads to stack-based buffer overflow.
The attack can be initiated remotely. Furthermore, there is an exploit available.
Affects random checkout which is not eligible for a CVE assignment according to MITRE definitions.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2024-6390 | Quiz and Survey Master Plugin up to 9.0.x on WordPress Setting cross site scripting
1 year 10 months ago
A vulnerability classified as problematic has been found in Quiz and Survey Master Plugin up to 9.0.x on WordPress. This affects an unknown part of the component Setting Handler. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-6390. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-6477 | UsersWP Plugin up to 1.2.11 on WordPress Export information disclosure
1 year 10 months ago
A vulnerability was found in UsersWP Plugin up to 1.2.11 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Export Handler. The manipulation leads to information disclosure.
This vulnerability is handled as CVE-2024-6477. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
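Overview of Security Industry Events (July 2024)
1 year 10 months ago
To better follow security industry trends and promote the industry's development, 数世传媒 will compile and summarize the various events taking place across the industry, for the reference of everyone in the field.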
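Dissecting the Ransomware Playbook: Analyzing Attack Chains and Mapping Common TTPs
1 year 10 months ago
In light of the recent series of large-scale ransomware attacks sweeping across industries, Cisco Talos wanted to re-examine the current state of the top ransomware groups.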
"Red Devils" Knock Out the Internet in Iran
1 year 10 months ago
Hacktivists claimed data theft and network outages.
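Gaming Magazine Game Informer Announces It Is Ceasing Publication
1 year 10 months ago
Game Informer, the gaming magazine founded in 1991 with a 33-year history, abruptly announced that it is ceasing publication. A farewell statement was posted on its website home page, and all of its content is inaccessible. Staff said on social media that they were notified of the layoffs without warning, that the content for the next issue of the magazine, which was in progress, cannot be completed, and that their access was cut off immediately. At its peak Game Informer had a circulation of as many as 8 million copies, making it one of the most popular magazines in the United States. Its original publisher was FuncoLand; GameStop acquired FuncoLand in 2000 and thereby came to own Game Informer. GameStop shut down Game Informer on August 2, 2024. The main feature of its final issue was BioWare's game Dragon Age: The Veilguard, due for release in the fall.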
From "Minority Report" to Reality: Argentina Launches an AI Crime Predictor
1 year 10 months ago
The use of AI to monitor and prevent crime is becoming a new reality for the Argentine police.
The abc Conjecture: The Mathematical Puzzle That Divided the Scientific Community
1 year 10 months ago
Disprove Mochizuki's proof and get $1 million.
Telegram-Controlled TgRat Attacking Linux Servers to Exfiltrate Data
1 year 10 months ago
TgRat, a Telegram-controlled trojan, was discovered attacking Linux servers in an attempt to steal data from a compromised system. In 2022, the TgRat trojan was first identified. Although the original version of the trojan was small and designed for Windows, the latest version uses the widely used messaging app Telegram to target Linux servers. “The […]
The post Telegram-Controlled TgRat Attacking Linux Servers to Exfiltrate Data appeared first on Cyber Security News.
Guru Baran
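[AI Quick Read] How Ukraine Tracks Russian Soldiers' Phones on the Battlefield
1 year 10 months ago
On January 1, 2023, according to Russian and Ukrainian sources, a Ukrainian strike on Russian troops stationed at a vocational school in Makiivka (the sister city of the Donetsk region's capital) caused heavy casualties, especially among conscripts. […]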