Aggregator

A vulnerability, which was classified as critical, has been found in Siemens Solid Edge up to 224.0 Update 4. Affected by this issue is some unknown functionality of the component PAR File Handler. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2024-33493. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

当反序列化过程中自动加载了恶意类（通过@type指定）时，可能触发任意代码执行。

A vulnerability was found in Yaeger CMS 1.2.1. It has been rated as critical. This issue affects some unknown processing of the component Password Recovery. The manipulation of the argument userEmail leads to sql injection. The identification of this vulnerability is CVE-2015-7568. The attack may be initiated remotely. Furthermore, there is an exploit available.

Первые тесты внушают оптимизм, но главное впереди.

A vulnerability was found in Siemens Solid Edge up to 224.0 Update 1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component PAR File Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is known as CVE-2024-34771. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Siemens Solid Edge up to 224.0 Update 3. It has been rated as critical. Affected by this issue is some unknown functionality of the component PAR File Handler. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2024-34772. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic has been found in wpdevteam Essential Addons for Elementor Plugin up to 5.9.20 on WordPress. This affects an unknown part. The manipulation of the argument eael_ext_toc_title_tag leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-4624. It is possible to initiate the attack remotely. There is no exploit available.

JNDI 是 Java 提供的统一资源访问接口，支持通过名称（如ldap://example.com/obj）动态加载远程对象。

A vulnerability classified as critical was found in Siemens Solid Edge up to 224.0 Update 1. This vulnerability affects unknown code of the component PAR File Handler. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2024-34773. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Siemens CPC80 Central Processing Communication and CPCI85 Central Processing Communication. It has been classified as critical. This affects an unknown part of the component HTTP Header Handler. The manipulation leads to improper null termination. This vulnerability is uniquely identified as CVE-2024-31484. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens PS IGES Parasolid Translator Component. It has been rated as critical. This issue affects some unknown processing of the component IGS File Handler. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2024-32055. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical has been found in Siemens PS IGES Parasolid Translator Component. Affected is an unknown function of the component IGS File Handler. The manipulation leads to type confusion. This vulnerability is traded as CVE-2024-32057. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

根据发表在《GeoHealth》期刊上的一项研究，火星尘埃含有的细小颗粒和二氧化硅、金属等有害物质，会对宇航员的健康构成严重威胁，使火星任务比之前认为的更加危险。在执行阿波罗登月任务期间，宇航员就遭受过月球尘埃的侵袭。月球尘埃吸附在宇航服上，渗透进入月陆器，导致咳嗽、流泪和喉咙发炎。研究表明，长期接触会对健康带来慢性影响。火星尘埃不像月球尘埃那样锐利且粗糙，但它也具有粘附在一切物体上的倾向，细小颗粒可以深入肺部并进入血液。尘埃中的有毒物质包括二氧化硅、石膏和各种金属。执行火星任务的宇航员不可能迅速返回地球接受治疗。40 分钟的通信延迟也会限制来自地球的远程医疗支持。研究人员建议限制接触灰尘，使用空气过滤器、自我清洁太空服和静电排斥装置。

A vulnerability was found in Mozilla Firefox up to 50. It has been rated as critical. Affected by this issue is some unknown functionality of the component DOM Event Handler. The manipulation leads to use after free. This vulnerability is handled as CVE-2016-9899. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

关键词数据泄露近日，多位小红书用户反映，小红书后台持续高频获取用户位置信息，有用户最高3天内被访问1.7万次，

关键词黑客近日，公安网安部门侦破了一起非法获取计算机信息系统数据案。

关键词间谍保密无小事，事事需谨慎。在日常工作中，我们一些机关工作人员习惯把涉密文件资料摆放在桌子上，有的同志外出办事或下班不锁门，文件资料不入柜，给别有用心之人提供了可乘之机。

A vulnerability classified as critical was found in Siemens PS IGES Parasolid Translator Component. Affected by this vulnerability is an unknown functionality of the component IGS File Handler. The manipulation leads to memory corruption. This vulnerability is known as CVE-2024-32058. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Siemens PS IGES Parasolid Translator Component. Affected by this issue is some unknown functionality of the component IGS File Handler. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2024-32060. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Siemens PS IGES Parasolid Translator Component. This affects an unknown part of the component IGS File Handler. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2024-32061. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.