Aggregator

A vulnerability was found in Jedox 2020.2.5. It has been declared as critical. This vulnerability affects unknown code of the file /be/erpc.php. The manipulation leads to path traversal. This vulnerability was named CVE-2022-47875. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Totalecommerce 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.asp. The manipulation of the argument id leads to sql injection. This vulnerability is handled as CVE-2006-1109. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Walla TeleSite up to 3.0 and classified as problematic. Affected by this issue is some unknown functionality of the file ts.exe. The manipulation of the argument tsurl leads to information disclosure. This vulnerability is handled as CVE-2005-3576. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in unattended-upgrades up to 0.86.0. Affected is the function DPkg::Options::. The manipulation leads to improper authentication. This vulnerability is traded as CVE-2015-1330. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Simple Streams. Affected is an unknown function of the component GPG Signature Handler. The manipulation as part of Disk Image File leads to improper input validation. This vulnerability is traded as CVE-2015-1337. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Appoprt up to 2.19.1 and classified as problematic. This issue affects the function _python_module_path of the component Python Module. The manipulation as part of Argument leads to improper access controls (Core Dump). The identification of this vulnerability is CVE-2015-1341. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel 3.12/3.13/3.14/3.15 and classified as problematic. This issue affects the function handle_invept of the file arch/x86/kvm/vmx.c. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2017-8106. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as very critical, was found in Cisco Secure Desktop up to 3.4.1. Affected is an unknown function of the component ActiveX Control. The manipulation leads to improper input validation. This vulnerability is traded as CVE-2010-0589. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Cisco Digital Media Player 4300g up to 5.1. This affects an unknown part. The manipulation leads to an unknown weakness. This vulnerability is uniquely identified as CVE-2010-0573. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Cisco Digital Media Manager 5.0.2. It has been classified as very critical. Affected is an unknown function of the component Default Password. The manipulation leads to credentials management. This vulnerability is traded as CVE-2010-0570. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Cisco Digital Media Manager 5.0.2. It has been declared as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2010-0571. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Cisco Digital Media Manager up to 5.0.1. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2010-0572. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

X 用户公开了华为海思 AI 芯片昇腾 910、昇腾 910B 和昇腾 610 的集成电路布局图（Die Shot）。华为是在 2019 年宣布了昇腾 910，它由台积电代工，采用 N7+ 工艺；而昇腾 910B 则由中芯国际代工，采用 N+1 工艺，属于 7 纳米节点。昇腾 910 由 1 个 Virtuvian AI 处理器、1 个 Nimbus V3 I/O 处理器芯片、四个 HBM2E 内存栈和两个用于一致性的虚拟芯片构成。其中 Virtuvian 由 32 个达芬奇 Max AI 核心构成。芯片的尺寸为 14.6 毫米 × 31.25 毫米，面积 456.25 平方毫米。相比之下，中芯国际的版本尺寸为 21.32 毫米 × 31.22 毫米，面积达到了 665.61 平方毫米，明显要大得多。昇腾 910B 的 Virtuvian 由 25 个达芬奇 AI 核心构成。可能的原因包括中芯国际的工艺晶体管密度低于台积电，或者海思大幅增强了达芬奇核心以至于减少了核心数量。

A vulnerability was found in vsftpd 3.0.2. It has been classified as problematic. This affects the function deny_file. The manipulation leads to an unknown weakness. This vulnerability is uniquely identified as CVE-2015-1419. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel and classified as problematic. Affected by this vulnerability is the function keyring_detect_cycle_iterator. The manipulation leads to cryptographic issues. This vulnerability is known as CVE-2014-0102. The attack needs to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

社交媒体巨头Meta计划投资100亿美元建设覆盖全球的海底光缆仅供自己使用

外卖、到店以外，美团找到「第三曲线」

近日，一起大规模的数据泄露事件震动了网络安全界。名为“HikkI-Chan”的黑客在臭名昭著的Breach Forums上泄露了超过3.9亿VK用户的个人信息。

Людям остаётся лишь наблюдать за механизированной готовкой.