Aggregator

数据安全，刻不容缓 在数字化转型的浪潮下，数据已成为各行业的核心驱动力和新型生产要素。从海量的业务数据中挖掘价 […]

如何使用Ray/RayData构建Audio/Video数据处理Pipeline，以及在大规模不稳定资源上运行RayData所做的优化工作。

A vulnerability, which was classified as critical, was found in Luxion KeyShot. Affected is an unknown function of the component 3DS File Parser. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2024-11576. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Luxion KeyShot. This issue affects some unknown processing of the component SKP File Parser. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2024-11577. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Luxion KeyShot. This vulnerability affects unknown code of the component 3DS File Parser. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2024-11578. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Luxion KeyShot. This affects an unknown part of the component OBJ File Parser. The manipulation leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2024-11579. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Luxion KeyShot. It has been rated as critical. Affected by this issue is some unknown functionality of the component ABC File Parser. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2024-11580. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Luxion KeyShot. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component JT File Parser. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2024-11581. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

1. BianLian勒索团伙公布新的受害公司 2. Cactus勒索团伙公布受害公司泄露数据 3. RansomHub勒索团伙公布新的受害公司

近日，奇安信病毒响应中心观察到，蠕虫家族Babonock近期攻击活动加剧，大有卷土重来的架势。经分析人员分析发现其为AutoHotKey打包的PE程序，包含键盘监控、伪装成系统进程、移动介质传播和FTP文件操作等恶意行为。

A vulnerability was found in PHP up to 8.1.30/8.2.25/8.3.13. It has been classified as problematic. Affected is an unknown function of the component MySQL Server Handler. The manipulation leads to buffer over-read. This vulnerability is traded as CVE-2024-8929. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Dell Edge Gateway 5200 1.03.10/1.05.10 and classified as problematic. This issue affects some unknown processing. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-38296. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in cesarmaeso Control horas Plugin up to 1.0.1 on WordPress and classified as problematic. This vulnerability affects the function ch_registro of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-11381. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in MailMunch Plugin up to 3.1.8 on WordPress. This affects the function add_query_arg. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-8735. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in codename065 Premium Packages Plugin up to 5.9.3 on WordPress. Affected by this issue is the function add_query_arg. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-11225. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in gallerycreator Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube and Vimeo) Video Gallery and Lightbox for native gallery Plugin up to 3.2.4.2 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-10034. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in AIPHONE IX-MV, IX-MV7-HB, IX-MV7-HBT, IX-MV7-HW, IX-MV7-HWT, IX-MV7-HW-JP, IX-MV7-B, IX-MV7-BT, IX-MV7-W, IX-MV7-WT, IX-DA, IX-DAU, IX-DB, IX-DBT, IX-EA, IX-EAT, IX-EAU, IX-DV, IX-DVT, IX-DVF, IX-DVF-P, IX-DVF-L, IX-DVM, IX-DU, IX-DVF-RA, IX-DVF-2RA, IX-BA, IX-BAU, IX-BB, IX-BBT, IX-FA, IX-SSA, IX-SS-2G, IX-SS-2GT, IX-SS-2G-N, IX-BU, IX-SSA-RA, IX-SSA-2RA, IX-RS-B, IX-RS-BT, IX-RS-W, IX-RS-WT, IXW-MA, IX-SPMIC, IXG-2C7, IXG-2C7-L, IXG-DM7, IXG-DM7-HID, IXG-DM7-HIDA, IXG-DM7-10K, IXG-MK, IXGW-GW, IXGW-TGW, IXGW-LC, IX-SupportTool and IXG-SupportTool. Affected is an unknown function of the component SFTP Service. The manipulation leads to use of hard-coded cryptographic key . This vulnerability is traded as CVE-2024-45837. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in PHP up to 8.1.30/8.2.25/8.3.13 on 32-bit. It has been rated as critical. This issue affects the function ldap_escape. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2024-8932. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GEO my WP Plugin and gmw-premium-settings Plugin on WordPress. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. This vulnerability was named CVE-2024-9422. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

The U.S. Department of Justice (DOJ) announced the seizure of the illicit PopeyeTools platform, a notorious online marketplace for stolen credit cards and cybercrime tools. Alongside the takedown, authorities unsealed criminal charges against three alleged administrators: Abdul Ghaffar (25) and Abdul Sami (35) of Pakistan, and Javed Mirza (37) of Afghanistan. PopeyeTools Cybercrime Operation Dismantled […]

The post US Seizes PopeyeTools Cybercrime Platform & Arrested Admins appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.