Aggregator
ATT&CK 2024更新内容简介
8 months ago
ATT&CK 2024更新内容简介
8 months ago
引言主要更新内容ATT&CK继续延续每年更新两个大版本的状态,今年迎来的ATT&CK 的第16个版本。笔者跟踪了这一年的ATT&CK的进展以及刚结束的ATT&CKcon 5.0中各个内容。提炼了主要的
ATT&CK 2024更新内容简介
8 months ago
CVE-2010-0886 | Sun JDK 1.6.0 Deployment Remote Code Execution (EDB-12122 / Nessus ID 45544)
8 months ago
A vulnerability was found in Sun JDK 1.6.0. It has been classified as very critical. This affects an unknown part of the component Deployment. The manipulation leads to Remote Code Execution.
This vulnerability is uniquely identified as CVE-2010-0886. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
附原文 |《2024年漏洞与威胁趋势报告》深度解读
8 months ago
新发现漏洞的数量出现了前所未有的增长态势,其中高危或严重级别的漏洞占比高达一半,漏洞利用的时间线显著缩短。
附原文 |《2024年漏洞与威胁趋势报告》深度解读
8 months ago
在信息技术飞速发展的当下,网络安全已然成为全球瞩目的焦点。安全极客社区精心译制的《2024 年漏洞与威胁趋势报告》明确指出,2023 年堪称网络安全领域的重要分水岭。这一年,新发现漏洞的数量出现了前所
CVE-2024-56375 | NICMx Fort 1.6.3/1.6.4 Manifest RPKI Object integer underflow
8 months ago
A vulnerability, which was classified as problematic, has been found in NICMx Fort 1.6.3/1.6.4. Affected by this issue is some unknown functionality of the component Manifest RPKI Object Handler. The manipulation leads to integer underflow.
This vulnerability is handled as CVE-2024-56375. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2009-3867 | Sun JRE/JDK 1.5.0 Parser HsbParser.getSoundBank memory corruption (EDB-16294 / Nessus ID 43048)
8 months ago
A vulnerability, which was classified as very critical, has been found in Sun JRE and JDK 1.5.0. Affected by this issue is the function HsbParser.getSoundBank of the component Parser. The manipulation leads to memory corruption.
This vulnerability is handled as CVE-2009-3867. The attack may be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
难道这个世界容不下真正的「mini」吗?
8 months ago
Matrix 首页推荐 Matrix 是少数派的写作社区,我们主张分享真实的产品体验,有实用价值的经验与思考。我们会不定期挑选 Matrix 最优质的文章,展示来自用户的最真实的体验和观点。 文章代表
CVE-2022-35899 | ASUSTek Aura Ready Game SDK Service 1.0.0.4 GameSDK.exe unquoted search path (ID 167763 / EDB-50985)
8 months ago
A vulnerability was found in ASUSTek Aura Ready Game SDK Service 1.0.0.4. It has been classified as critical. This affects an unknown part of the file GameSDK.exe. The manipulation leads to unquoted search path.
This vulnerability is uniquely identified as CVE-2022-35899. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
谷歌向美国司法部提议终止谷歌与苹果百亿美元的搜索交易 但只能禁止3年
8 months ago
看不到的尽头,回顾与展望哈以冲突以来的中东网络战
8 months ago
自 2023 年 10 月以来,以色列和哈马斯之间爆发的冲突助长了中东国家之间的网络攻击,并在全球范围内将多个国家卷入其中。
看不到的尽头,回顾与展望哈以冲突以来的中东网络战
8 months ago
主站 分类 漏洞 工具 极客
CVE-2017-0020 | Microsoft Excel 2010 SP2/2013 RT SP1/2013 SP1/2016 memory corruption (MS17-014 / Nessus ID 97739)
8 months ago
A vulnerability was found in Microsoft Excel 2010 SP2/2013 RT SP1/2013 SP1/2016. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to memory corruption.
This vulnerability was named CVE-2017-0020. The attack can be initiated remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2017-0020 | Microsoft Office Web Apps 2013 SP1 memory corruption (MS17-014 / Nessus ID 97739)
8 months ago
A vulnerability was found in Microsoft Office Web Apps 2013 SP1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to memory corruption.
This vulnerability is known as CVE-2017-0020. The attack can be launched remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2017-0018 | Microsoft Internet Explorer 10/11 memory corruption (MS17-006 / Nessus ID 97729)
8 months ago
A vulnerability classified as critical has been found in Microsoft Internet Explorer 10/11. This affects an unknown part. The manipulation leads to memory corruption.
This vulnerability is uniquely identified as CVE-2017-0018. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2017-0017 | Microsoft Edge cross site scripting (MS17-007 / Nessus ID 97730)
8 months ago
A vulnerability was found in Microsoft Edge and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting.
The identification of this vulnerability is CVE-2017-0017. The attack may be initiated remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2017-0019 | Microsoft Word 2016 memory corruption (MS17-014 / Nessus ID 97740)
8 months ago
A vulnerability was found in Microsoft Word 2016. It has been classified as critical. This affects an unknown part. The manipulation leads to memory corruption.
This vulnerability is uniquely identified as CVE-2017-0019. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
CVE-2017-0015 | Microsoft Edge Scripting Engine memory corruption (MS17-007 / Nessus ID 97730)
8 months ago
A vulnerability has been found in Microsoft Edge and classified as critical. This vulnerability affects unknown code of the component Scripting Engine. The manipulation leads to memory corruption.
This vulnerability was named CVE-2017-0015. The attack can be initiated remotely. There is no exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com