Aggregator

Анализ активности показывает, что две группировки могут действовать как единая сеть.

In Q4 2024, cyber threats reached unprecedented levels, with 2.55 billion attacks blocked, equating to 321 threats every second. In this Help Net Security video, Luis Corrons, Security Evangelist at Gen, discusses a new Gen report that highlights a troubling trend: social media has become a prime target for cybercriminals, who are leveraging AI-driven scams, malvertising, and phishing tactics to exploit users at scale. Here’s what you need to know: Facebook is the biggest target, … More →

The post Scammers take over social media appeared first on Help Net Security.

Hitachi Energyが提供する複数の製品には、複数の脆弱性が存在します。

Delta Electronicsが提供するCNCSoft-G2には、ヒープベースのバッファオーバーフローの脆弱性が存在します。

GMODが提供するApolloには、複数の脆弱性が存在します。

Edimaxが提供するIC-7100 IP Cameraには、OSコマンドインジェクションの脆弱性が存在します。

Сотни миллионов пакетов обрушиваются на цели, парализуя их на несколько суток.

A vulnerability, which was classified as problematic, was found in IBM Concert Software 1.0.0/1.0.1/1.0.2/1.0.2.1/1.0.3. Affected is an unknown function. The manipulation leads to risky cryptographic algorithm. This vulnerability is traded as CVE-2024-52366. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in IBM Concert Software 1.0.0/1.0.1/1.0.2/1.0.2.1/1.0.3 and classified as problematic. This issue affects some unknown processing. The manipulation leads to information exposure through error message. The identification of this vulnerability is CVE-2024-52893. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in IBM Concert Software 1.0.0/1.0.1/1.0.2/1.0.2.1/1.0.3. It has been classified as problematic. Affected is an unknown function. The manipulation leads to exposure of sensitive system information to an unauthorized control sphere. This vulnerability is traded as CVE-2024-52367. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in IBM Concert Software 1.0.0/1.0.1/1.0.2/1.0.2.1/1.0.3 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improper output neutralization for logs. This vulnerability is handled as CVE-2024-52891. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in CampCodes Computer Laboratory Management System 1.0. Affected by this issue is some unknown functionality of the file /class/edit/edit. The manipulation of the argument e_photo leads to unrestricted upload. This vulnerability is handled as CVE-2025-0341. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in IBM Control Center 6.2.1/6.3.1. This vulnerability affects unknown code. The manipulation leads to information exposure through error message. This vulnerability was named CVE-2024-35111. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in IBM Control Center 6.2.1/6.3.1. This issue affects some unknown processing. The manipulation leads to basic cross site scripting. The identification of this vulnerability is CVE-2024-35112. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in IBM Control Center 6.2.1/6.3.1. Affected is an unknown function. The manipulation leads to observable response discrepancy. This vulnerability is traded as CVE-2024-35114. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in IBM Control Center 6.2.1/6.3.1 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to exposure of information through directory listing. This vulnerability is known as CVE-2024-35113. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM Security Verify Governance 10.0.2. It has been classified as problematic. This affects an unknown part of the component Identity Manager. The manipulation leads to one-way hash without salt. This vulnerability is uniquely identified as CVE-2023-33838. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM Security Verify Governance 10.0.2. It has been declared as problematic. This vulnerability affects unknown code of the component Identity Manager. The manipulation leads to cleartext transmission of sensitive information. This vulnerability was named CVE-2023-35017. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IBM Concert Software 1.0.0/1.0.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to missing encryption of sensitive data. This vulnerability is handled as CVE-2024-41757. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.