Aggregator

A vulnerability, which was classified as critical, was found in Schneider Elektronik Series 700 up to 0.1.17.6. This affects an unknown part. The manipulation leads to missing authentication. This vulnerability is uniquely identified as CVE-2024-35293. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Schneider Elektronik Series 700 up to 0.1.17.6. Affected by this issue is some unknown functionality. The manipulation leads to missing authentication. This vulnerability is handled as CVE-2024-35294. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in Canonical Juju up to 2.9.50/3.1.9/3.3.6/3.4.5/3.5.3. Affected by this vulnerability is an unknown functionality of the component Unix Domain Socket Handler. The manipulation leads to unprotected alternate channel. This vulnerability is known as CVE-2024-8038. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Canonical Juju up to 2.9.50/3.1.9/3.3.6/3.4.5/3.5.3. Affected is an unknown function of the file /var/lib/Juju/agents/unit-xxxx-yyyy/agent.socket of the component Unix Domain Socket Handler. The manipulation leads to Local Privilege Escalation. This vulnerability is traded as CVE-2024-8037. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Canonical Juju up to 2.9.50/3.1.9/3.3.6/3.4.5/3.5.3. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument JUJU_CONTEXT_ID leads to use of weak credentials. The identification of this vulnerability is CVE-2024-7558. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mestres do WP Checkout Mestres WP Plugin up to 8.6 on WordPress. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to path traversal. This vulnerability was named CVE-2024-44030. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in MinHyeong Lim MH Board Plugin up to 1.3.2.1 on WordPress. It has been classified as critical. This affects an unknown part. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2024-44017. It is possible to initiate the attack remotely. There is no exploit available.

​Microsoft is blocking Windows 24H2 upgrades on systems with incompatible Intel Smart Sound Technology (SST) audio drivers due to blue screen of death (BSOD) issues. [...]

A vulnerability, which was classified as critical, has been found in magzter Macau Business 3. Affected by this issue is some unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-7327. The attack needs to be done within the local network. There is no exploit available.

在 Python 项目中，依赖管理是一个非常重要的环节。为了方便团队协作和项目部署，我们通常会使用 requirements.txt 文件来列出项目所需的所有

Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restriction of XML external entity reference (XXE) vulnerability that could result in remote code execution. The shortcoming,

Первый взгляд на новый научно-фантастический фильм 2025 года.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2024-29824 Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Today, the U.S. Department of Commerce issued a Notice of Intent (NOI) to announce an open competition demonstrating how AI can assist in developing new sustainable semiconductor materials and processes that meet industry needs and can be designed

Microsoft has blocked Windows 24H2 upgrades on some systems because of known issues causing Asphalt 8 game crashes and Easy Anti-Cheat blue screens. [...]