Aggregator

我们带着四篇论文向NDSS进发中~

我们带着四篇论文向NDSS进发中~

A vulnerability, which was classified as critical, was found in IrfanView. Affected is an unknown function of the component DXF File Parser. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2024-11532. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in IrfanView and classified as critical. Affected by this vulnerability is an unknown functionality of the component DXF File Parser. The manipulation leads to out-of-bounds write. This vulnerability is known as CVE-2024-11533. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IrfanView and classified as critical. Affected by this issue is some unknown functionality of the component DXF File Parser. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2024-11534. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IrfanView. It has been classified as critical. This affects an unknown part of the component DXF File Parser. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2024-11535. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IrfanView. It has been declared as critical. This vulnerability affects unknown code of the component DXF File Parser. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2024-11536. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in IrfanView. It has been rated as critical. This issue affects some unknown processing of the component DXF File Parser. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2024-11537. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in IrfanView. Affected is an unknown function of the component DWG File Parser. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2024-11554. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Microsoft Internet Explorer 5.0. Affected by this vulnerability is an unknown functionality of the component Download Handler. The manipulation leads to code injection. This vulnerability is known as CVE-1999-0891. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Prompt Injection Attack 分享

A vulnerability, which was classified as critical, has been found in Microsoft Internet Explorer up to 6. This issue affects the function OnKeyPress of the component JavaScript. The manipulation as part of Form leads to improper input validation. The identification of this vulnerability is CVE-2006-2894. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to disable the affected component.

A vulnerability was found in Binarymoon WordThumb 1.07. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument src leads to code injection. The identification of this vulnerability is CVE-2014-4663. The attack may be initiated remotely. Furthermore, there is an exploit available.

Google Cloud has introduced quantum-safe digital signatures to its Cloud Key Management Service (Cloud KMS), making them available in preview. [...]

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Power Pages vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Microsoft Power Pages vulnerability, tracked as CVE-2025-24989, to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2025-24989 (CVSS score: 8.2) is an improper access control flaw in Power Pages, an unauthorized […]

Name: Kashi CTF 2025 (an Kashi CTF event.)
Date: Feb. 22, 2025, noon — 23 Feb. 2025, 12:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://kashictf.iitbhucybersec.in/
Rating weight: 22.04
Event organizers: Codefest

Name: TRX CTF 2025 (an TRX CTF event.)
Date: Feb. 22, 2025, 2 p.m. — 23 Feb. 2025, 14:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://ctf.theromanxpl0.it/
Rating weight: 24.14
Event organizers: TheRomanXpl0it

小行星 2024 YR4 将于 2032 年 12 月 22 日抵达近地点，鉴于轨道的不确定性，它有可能会撞击地球。而撞击的概率会随着数据的收集而出现变化。最早的计算估计它撞击地球的概率是 1.3%， 2 月 18 日提高到 3.1%，2 月 19 日降至 1.5%，现在则进一步降至了 0.28%，而撞击月球的概率则提高到了 1%。观测还在继续，地球居民无需恐慌了。

CIC-Darknet2020数据集，并由实验得出，随机森林（Random Forest）的表现最优。

CIC-Darknet2020数据集，并由实验得出，随机森林（Random Forest）的表现最优。