Aggregator

A vulnerability was found in Microsoft Windows. It has been rated as very critical. This issue affects some unknown processing in the library msvcrt.dll. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2012-0150. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in Microsoft Windows 7/Server 2008/Vista and classified as problematic. Affected by this vulnerability is an unknown functionality of the component DirectWrite Unicode Character Parser. The manipulation leads to improper input validation. This vulnerability is known as CVE-2012-0156. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in HP ProCurve -/Id116as0hr/Id116as04p/Id117as00h/Id126as0fb and classified as critical. Affected by this vulnerability is an unknown functionality of the component Compact Flash Card. The manipulation leads to insecure inherited permissions. This vulnerability is known as CVE-2012-0133. Local access is required to approach this attack. Furthermore, there is an exploit available. Due to its background and reception, this vulnerability has an historic impact. A worm is spreading, which is automatically exploiting this vulnerability.

A vulnerability was found in Microsoft .NET Framework up to 4.5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Parameter Validator. The manipulation of the argument Function leads to improper input validation. This vulnerability is known as CVE-2012-0163. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Microsoft Windows 7/Server 2003/Server 2008/Vista/XP. Affected is the function PostMessage of the file win32k.sys. The manipulation leads to improper input validation. This vulnerability is traded as CVE-2012-0157. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Apple iTunes up to 12.7.4 on Windows and classified as critical. Affected by this issue is some unknown functionality of the component WebKit. The manipulation leads to use after free. This vulnerability is handled as CVE-2018-4200. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Yoran's Passing Comes 10 Months After Cancer Diagnosis, 1 Month After Taking Leave
Amit Yoran - a West Point graduate who founded NetWitness, sold the company to RSA and took Tenable public - died Friday. He was 54. Yoran was diagnosed in March 2024 with a treatable form of cancer, and in December temporarily stepped away from his role as Tenable's CEO to get additional treatment.

Yoran's Passing Comes 10 Months After Cancer Diagnosis, 1 Month After Taking Leave
Amit Yoran - a West Point graduate who founded NetWitness, sold the company to RSA and took Tenable public - died Friday. He was 54. Yoran was diagnosed in March 2024 with a treatable form of cancer, and in December temporarily stepped away from his role as Tenable's CEO to get additional treatment.

关键词网络安全苹果公司已同意支付9500万美元，以和解一项诉讼。该诉讼指控苹果通过其虚拟助手Siri窃听用户，未经授权录音用户在使用iPhone及其他设备时的对话。即便用户没有通过“嘿 Siri”激活

关键词网络攻击日本最大的移动运营商 NTT Docomo 报告说，在周四的一次网络攻击暂时中断运营后，该公司正在努力恢复服务。这家总部位于东京的公司在一份声明中说，其系统受到了分布式拒绝服务（DDoS

关键词安全漏洞上周，在混沌通信大会（CCC）上出现的一个新发现动摇了 Windows 可信赖的 BitLocker 加密技术的基础。安全研究员托马斯-兰伯茨（Thomas Lambertz）在其题为

关键词安全漏洞一名安全研究人员针对 Oracle WebLogic Server 中的一个关键漏洞 CVE-2024-21182 发布了一个概念验证 (PoC) 漏洞利用程序。该漏洞被评为 CVSS

A vulnerability, which was classified as critical, was found in TSplus Remote Access up to 16.0.2.14. This affects an unknown part of the file %PROGRAMFILES(X86)%\TSplus\UserDesktop\themes.. The manipulation leads to permission issues. This vulnerability is uniquely identified as CVE-2023-31068. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

#软件资讯 谷歌正在为 Chrome 开发新功能：让 PDF 文件能选择高亮部分生成链接完成快速跳转。此功能的意义在于，其他人点击你分享的链接后会自动打开 PDF 文件并跳转到你选中的

A vulnerability was found in TSplus Remote Access up to 16.0.2.14. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to source code. This vulnerability was named CVE-2023-31069. The attack can be initiated remotely. Furthermore, there is an exploit available.

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. 7-Zip Zero-Day Exploit Dropped: A New Playground for Infostealer & Supply Chain Attacks   Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts   The Mac Malware of 2024  Ransomware Vulnerability Matrix Inside […]