Aggregator
Ransomware gang uses stolen Microsoft Entra ID credentials to breach cloud services
11 months 1 week ago
安全客
Critical NVIDIA Container Toolkit vulnerability could grant attackers full host access
11 months 1 week ago
安全客
US sanctions virtual currency exchanges Cryptex and PM2BTC for facilitating illicit activity
11 months 1 week ago
安全客
Cyberattack on Kuwait's Ministry of Health affects the country's hospitals
11 months 1 week ago
安全客
New exploit chain allows bypassing Windows User Account Control (UAC)
11 months 1 week ago
安全客
Private information of hundreds of millions of citizens exposed, and the cause was an unencrypted database?
11 months 1 week ago
安全客
CVE-2024-9328 | SourceCodester Advocate Office Management System 1.0 /control/edit_client.php id sql injection
11 months 1 week ago
A vulnerability was found in SourceCodester Advocate Office Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /control/edit_client.php. The manipulation of the argument id leads to SQL injection.
The identification of this vulnerability is CVE-2024-9328. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
AI bots can solve image-recognition CAPTCHAs with a 100% success rate
11 months 1 week ago
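Researchers at ETH Zurich report that, using a specially trained image-recognition model, AI bots can solve reCAPTCHA v2 with a 100% success rate. Google's reCAPTCHA v2 presents a grid of street-view images and asks the user to identify which ones contain bicycles, crosswalks, stairs or traffic lights. Google has been phasing out reCAPTCHA v2 in favor of reCAPTCHA v3, which distinguishes humans from bots by analyzing user interaction and no longer requires users to complete tedious challenges. However, millions of websites on the internet still use reCAPTCHA v2, and sites using reCAPTCHA v3 also keep reCAPTCHA v2 as a fallback. The researchers used a fine-tuned version of the open-source model YOLO ("You Only Look Once"). They say that, with the success rate having reached 100%, we are entering the post-reCAPTCHA era.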
Submit #415695: sourcecodester Advocate office management system 1.0 SQL Injection [Accepted]
11 months 1 week ago
Submit #415695 / VDB-278837
peanut886886
CVE-2021-47393 | Linux Kernel up to 4.19.208/5.4.150/5.10.70/5.14.9 hwmon thermal_cooling_device_stats_update out-of-bounds (Nessus ID 207773)
11 months 1 week ago
A vulnerability was found in Linux Kernel up to 4.19.208/5.4.150/5.10.70/5.14.9 and classified as problematic. Affected by this issue is the function thermal_cooling_device_stats_update of the component hwmon. The manipulation leads to out-of-bounds read.
This vulnerability is handled as CVE-2021-47393. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2021-47383 | Linux Kernel up to 5.14.9 tty vc_resize out-of-bounds (Nessus ID 207773)
11 months 1 week ago
A vulnerability classified as problematic has been found in Linux Kernel up to 5.14.9. This affects the function vc_resize of the component tty. The manipulation leads to out-of-bounds read.
This vulnerability is uniquely identified as CVE-2021-47383. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-41090 | Linux Kernel up to 6.10.1 Header Length tap_get_user_xdp out-of-bounds (Nessus ID 207773)
11 months 1 week ago
A vulnerability has been found in Linux Kernel up to 6.10.1 and classified as problematic. Affected by this vulnerability is the function tap_get_user_xdp of the component Header Length Handler. The manipulation leads to out-of-bounds read.
This vulnerability is known as CVE-2024-41090. The attack can only be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-41091 | Linux Kernel up to 6.10.1 Header Length tun_xdp_one out-of-bounds (Nessus ID 207773)
11 months 1 week ago
A vulnerability classified as problematic was found in Linux Kernel up to 6.10.1. Affected by this vulnerability is the function tun_xdp_one of the component Header Length Handler. The manipulation leads to out-of-bounds read.
This vulnerability is known as CVE-2024-41091. The attack needs to be approached within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-40931 | Linux Kernel up to 5.10.220/5.15.161/6.1.94/6.6.34/6.9.5 mptcp snd_una uninitialized pointer (Nessus ID 207773)
11 months 1 week ago
A vulnerability classified as problematic has been found in Linux Kernel up to 5.10.220/5.15.161/6.1.94/6.6.34/6.9.5. Affected is the function snd_una of the component mptcp. The manipulation leads to uninitialized pointer.
This vulnerability is traded as CVE-2024-40931. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-41064 | Linux Kernel up to 6.9.10 powerpc eeh_pe_report_edev denial of service (Nessus ID 207773)
11 months 1 week ago
A vulnerability has been found in Linux Kernel up to 6.9.10 and classified as critical. This vulnerability affects the function eeh_pe_report_edev of the component powerpc. The manipulation leads to denial of service.
This vulnerability was named CVE-2024-41064. The attack can only be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2021-47527 | Linux Kernel up to 5.15.6 tty_port_close memory leak (Nessus ID 207773)
11 months 1 week ago
A vulnerability was found in Linux Kernel up to 5.15.6 and classified as critical. Affected by this issue is the function tty_port_close. The manipulation leads to memory leak.
This vulnerability is handled as CVE-2021-47527. The attack can only be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Meow
11 months 1 week ago
cohenido
CVE-2007-4255 | PHP 5.2.3 msql_connect first memory corruption (EDB-4260 / Nessus ID 25971)
11 months 1 week ago
A vulnerability has been found in PHP 5.2.3 and classified as critical. This vulnerability affects the function msql_connect. The manipulation of the argument first leads to memory corruption.
This vulnerability was named CVE-2007-4255. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com