Aggregator

Старые приёмы, новый язык и неожиданный поворот в развитии угрозы.

A vulnerability classified as critical has been found in Google Mini Search Appliance. This affects an unknown part. The manipulation of the argument ie leads to cross site scripting. This vulnerability is uniquely identified as CVE-2007-5255. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to disable the affected component.

路径规范化不一致导致的shiro绕过，是CVE-2020-17510以及CVE-2023-22602的进一步扩展

Создатели сети зашифрованной связи продали не только телефоны, но и своих клиентов.

Новый стандарт работы с информацией.

The UK government has launched a new AI security code of practice it believes will become an ETSI standard

A vulnerability, which was classified as critical, was found in Adobe Flash Player up to 11.2.202.569/18.0.0.329/20.0.0.233/20.0.0.260/20.0.0.306. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2016-1001. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Cheyenne Inoculan Anti-Virus Server up to 4.0 SP2 and classified as critical. This vulnerability affects unknown code of the component Directory Handler. The manipulation leads to improper privilege management. This vulnerability was named CVE-1999-1555. Local access is required to approach this attack. Furthermore, there is an exploit available. This vulnerability has a historic impact due to its background and reception. It is recommended to upgrade the affected component.

17 стран одобрили создание центра безопасности.

A vulnerability was found in Apple watchOS up to 4.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component IOSurface. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2017-13861. An attack has to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in AN AN-HTTPd 1.2b. It has been classified as critical. This affects an unknown part of the file input2.bat/envout.bat of the component CGI Handler. The manipulation as part of Metacharacter leads to improper privilege management. This vulnerability is uniquely identified as CVE-1999-0947. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

As January 2025 comes to a close, we’re highlighting the latest updates to sensitive permissions, services, and regions from AWS. Staying informed on these changes is essential for maintaining a strong cloud security posture and ensuring that sensitive permissions are properly managed. This month’s updates include newly identified sensitive permissions across existing services and the […]

The post January Recap: New AWS Sensitive Permissions and Regions appeared first on Security Boulevard.

A vulnerability, which was classified as critical, was found in OpenEMR 3.1.0/3.2.0/4.0.0/4.1.0. This affects an unknown part. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2012-2115. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Adobe Flash Player up to 11.2.202.569/18.0.0.329/20.0.0.233/20.0.0.260/20.0.0.306. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to use after free. This vulnerability is handled as CVE-2016-0997. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A significant vulnerability has been discovered in the Alibaba Cloud Object Storage Service (OSS) that allows unauthorized users to upload data, posing critical security risks for organizations relying on this cloud solution. The vulnerability, caused by the misconfiguration of the PUT method, potentially exposes sensitive data and leaves storage buckets open to exploitation. The security […]

The post Alibaba Cloud Storage Flaw Exposes Data to Unauthorized Uploads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Apple iOS up to 11.1.2. It has been classified as critical. Affected is an unknown function of the component IOSurface. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2017-13861. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Китайская лаборатория сделала то, что не смогли США за 25 лет.

Сервис для людей с аутизмом неделю игнорировал сообщения об угрозе.

A vulnerability has been found in SourceCodester Seat Reservation System and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2020-25762. The attack can be launched remotely. Furthermore, there is an exploit available.

Мошенники превратили празничную рассылку в инструмент масштабной кражи данных.