Aggregator

A vulnerability, which was classified as problematic, has been found in RakhiSoftware Rakhisoftware Shopping Cart. The affected element is an unknown function of the component Error Message Handler. This manipulation causes information disclosure. The identification of this vulnerability is CVE-2008-6279. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability described as critical has been identified in Linux Kernel up to 6.1.147/6.6.101/6.12.41/6.15.9/6.16.0. The affected element is the function be_cmd_set_mac_list of the component VFs Handler. Such manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2025-38569. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.

TQSec LogAnalysisBot是一个基于Nginx日志的攻击检测和分析工具。它使用深度学习模型来识别和分类攻击行为，帮助安全团队及时发现和响应安全威胁。

当前环境异常，请完成验证后继续访问。

宇树科技王兴兴：R1 机器人明年会成为全球最畅销人形机器人； 《南京照相馆》代表中国内地申报奥斯卡最佳国际影片； 美团外卖宣布升级「1 对 1 急送」，提前 5-20 分钟送达

A vulnerability marked as problematic has been reported in ethyca fides up to 2.36.x. This affects an unknown part. The manipulation leads to sensitive information in log files. This vulnerability is listed as CVE-2024-34715. The attack must be carried out locally. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability was found in FineSoft 8.0. It has been rated as problematic. This issue affects some unknown processing of the component URL Handler. Performing manipulation of the argument errorname results in cross site scripting. This vulnerability is identified as CVE-2024-35504. The attack can be initiated remotely. There is not any exploit available.

A vulnerability labeled as critical has been found in NVIDIA Triton Inference Server up to 24.04 on Linux/Windows. This vulnerability affects unknown code. Such manipulation leads to improper output neutralization for logs. This vulnerability is uniquely identified as CVE-2024-0095. The attack can be launched remotely. No exploit exists. The affected component should be upgraded.

A vulnerability marked as critical has been reported in NVIDIA Triton Inference Server up to 24.04 on Linux. This issue affects some unknown processing. Performing manipulation results in incorrect initialization of resource. This vulnerability was named CVE-2024-0103. The attack may be initiated remotely. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Nextcloud Server up to 26.0.12/27.1.7/28.0.3. Affected by this issue is some unknown functionality of the component 2FA. Such manipulation leads to improper authentication. This vulnerability is documented as CVE-2024-37313. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability described as critical has been identified in OpenPrinting CUPS up to 2.4.8. This impacts an unknown function of the file cupsd.conf of the component Setting Handler. Executing manipulation can lead to link following. This vulnerability appears as CVE-2024-35235. The attack requires local access. There is no available exploit. It is best practice to apply a patch to resolve this issue.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.6.6. This impacts an unknown function of the component TCP ACK Handler. Executing manipulation can lead to an unknown weakness. This vulnerability is handled as CVE-2023-52881. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

OpenAI, Apollo Research Find Models Hide Misalignment; Training Cuts Deception
Frontier artificial intelligence models are learning to hide their true intentions to pursue hidden agendas, said OpenAI and Apollo Research. Researchers say the risk of deception needs to be tackled now, especially as AI systems take on more complex, real-world responsibilities.

MIND Act Asks FTC to Study Exploitation Risks for Neural Data Collected by Devices
Are brain waves and similar neural data the next frontier in consumer privacy worries? A trio of U.S. senators have introduced federal legislation aiming to get ahead of risks that such brain-related data could be collected and misused by tech firms, data brokers, government agencies and others.

Cybersecurity Programs, Workforce Face Disruption If Congress Fails to Act
A potential government shutdown threatens to gut federal cybersecurity operations, with key programs set to expire, agency cyber staff facing layoffs and no public contingency plans in place - leaving core defenses, threat sharing and incident response at risk.