Aggregator

От виртуальных машин до WINE.

A vulnerability, which was classified as critical, was found in Apple iOS up to 11.0.3. This affects an unknown part of the component WebKit. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2017-13785. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in MediaWiki 1.37.0/1.37.1. This issue affects some unknown processing of the file w/index.php?title=Special%3AWhatLinksHere&target=Property%3AP31&namespace=1&invert=1. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2022-28204. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux-PAM up to 1.5.2-6.0 on openSUSE and classified as critical. Affected by this vulnerability is an unknown functionality of the file pam_access.so of the component SSH Login Handler. The manipulation leads to improper authentication. This vulnerability is known as CVE-2022-28321. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Caryll OTFCC 617837b. Affected by this issue is some unknown functionality of the file /release-x64/otfccdump+0x6c0a32. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2022-35060. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability, which was classified as critical, was found in Caryll OTFCC 617837b. This affects an unknown part of the file /release-x64/otfccdump+0x6e412a. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2022-35061. The attack can only be done within the local network. There is no exploit available.

A vulnerability has been found in Caryll OTFCC 617837b and classified as critical. This vulnerability affects unknown code of the file /release-x64/otfccdump+0x6c0bc3. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2022-35062. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in Caryll OTFCC 617837b and classified as critical. This issue affects some unknown processing of the file /release-x64/otfccdump+0x6e41a8. The manipulation leads to heap-based buffer overflow. The identification of this vulnerability is CVE-2022-35063. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in Caryll OTFCC 617837b. It has been classified as critical. Affected is the function __asan_memset of the file /release-x64/otfccdump+0x4adcdb. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2022-35064. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in Caryll OTFCC 617837b. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /release-x64/otfccdump+0x65f724. The manipulation leads to memory corruption. This vulnerability is known as CVE-2022-35065. Access to the local network is required for this attack. There is no exploit available.

A vulnerability was found in Caryll OTFCC 617837b. It has been rated as critical. Affected by this issue is some unknown functionality of the file /release-x64/otfccdump+0x6e41b8. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2022-35066. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability classified as critical has been found in Caryll OTFCC 617837b. This affects an unknown part of the file /release-x64/otfccdump+0x6e41b0. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2022-35067. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability classified as critical has been found in CRI-O. Affected is an unknown function of the component Supplementary Group Handler. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2022-2995. The attack can only be initiated within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, has been found in Suprema Bio Star 2.8.16. This issue affects some unknown processing of the component PUT Request Handler. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2022-38351. The attack may be initiated remotely. There is no exploit available.

在二季度利润受到美国关税政策冲击之后，惠普表示将停止在中国制造销往北美的产品。HP 总裁兼 CEO Enrique Lores 在二季度财报电话会议上告诉投资者，一个季度前惠普的目标是到 9 月将中国制造的销往北美产品的比例降至 10% 以内，现在由于美国的关税政策惠普正在加速这一进程，预计到 6 月销往北美的产品将几乎没有来自中国制造。惠普加快了将工厂从中国转移到东南亚和墨西哥的进程。

A vulnerability classified as problematic was found in Apple Mac OS X 10.4. Affected by this vulnerability is an unknown functionality. The manipulation of the argument extension leads to memory corruption. This vulnerability is known as CVE-2006-4866. Local access is required to approach this attack. Furthermore, there is an exploit available.

Глаза робота стали умнее.

Threat actors are abusing the trusted Google platform 'Google Apps Script' to host phishing pages, making them appear legitimate and eliminating the risk of them getting flagged by security tools. [...]

糖被认为是2型糖尿病发病率上升的罪魁祸首，但 BYU 大学的研究人员发现，不是所有糖都是平等的。研究人员发现：相比通过食物摄入糖，通过饮料——如苏打和果汁——摄入糖有着更大的健康风险。每天每增加 12 盎司含糖饮料（如软饮料、能量饮料和运动饮料），患2型糖尿病的风险会增加25%。每天每增加8盎司果汁（如100%纯果汁、果汁饮料和果汁饮料），患2型糖尿病的风险会增加5%。相比之下，每日摄入20克总蔗糖（食用糖）和总糖（饮食中所有天然糖和添加糖的总和）与2型糖尿病呈负相关。为什么通过饮料摄入糖会有更大的健康风险？原因是含糖饮料和果汁提供的是分离的糖，会产生更大的血糖影响，抑制和扰乱肝脏代谢，增加肝脂肪和胰岛素抵抗。研究人员指出，果汁无法代替水果，其蕴含的糖分高且浓缩。

Funnull Technology supports “hundreds of thousands of websites” dedicated to the scams, otherwise known as pig butchering, according to the sanctions announcement by the Treasury Department’s Office of Foreign Assets Control.