Aggregator

字节跳动因前实习生篡改代码攻击内部模型训练系统，向法院提起诉讼，索赔800万元及公开道歉，以维护公司权益和声誉。

看雪论坛作者ID：SleepAlone

2024年11月28日，深瞳漏洞实验室监测到一则Zabbix组件存在SQL注入漏洞的信息，漏洞编号：CVE-2024-42327，漏洞威胁等级：严重。

‘Tis the season to be wary – be on your guard and don’t let fraud ruin your shopping spree

A vulnerability was found in Gowondesigns Leap 0.1.4. It has been classified as problematic. This affects an unknown part. The manipulation of the argument searchterm leads to cross site scripting. This vulnerability is uniquely identified as CVE-2009-1614. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Gowondesigns Leap 0.1.4. It has been declared as critical. This vulnerability affects unknown code of the component File Upload. The manipulation leads to memory corruption. This vulnerability was named CVE-2009-1615. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Mercuryaudio Audio Player 1.21 and classified as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption. This vulnerability is known as CVE-2009-4754. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in Google Chrome 1.0.154.53. Affected is an unknown function. The manipulation leads to improper resource management. This vulnerability is traded as CVE-2009-1514. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Gowondesigns leap 0.1.4 and classified as critical. Affected by this issue is some unknown functionality of the file leap.php. The manipulation of the argument email leads to sql injection. This vulnerability is handled as CVE-2009-1613. The attack may be launched remotely. Furthermore, there is an exploit available.

此前单个漏洞最高赏金记录是1.07亿元

[This is a Guest Diary by John Paul Zaguirre , an ISC intern as part of the SANS.edu BACS program]

Провайдеров обяжут раскрыть больше информации.

用户未能及时意识到该漏洞的严重性和修复的紧迫性

还成立一个新论坛

某网站下载的漫画epub使用calibre等常规阅读器阅读不便，出现白屏，无法下拉等情况，所以有了此文。

The CSO of T-Mobile has clarified that no customer information was stolen by Chinese hacking group Salt Typhoon

A vulnerability classified as critical has been found in IBM Director 3.1/5.10/5.10.3/5.20.1. This affects an unknown part. The manipulation leads to improper resource management. This vulnerability is uniquely identified as CVE-2007-5612. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, has been found in OpenSSL FIPS Object Module 1.1.1. This issue affects some unknown processing of the component OpenSSL. The manipulation leads to cryptographic issues. The identification of this vulnerability is CVE-2007-5502. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.