Aggregator

护航香港数智安全新发展

近日，由香港特别行政区数字政策办公室与香港互联网注册管理有限公司联合举办的网络安全技术论坛2024在香港成功召开。期间，香港网络安全专业协会正式成立，360数字安全集团凭借在数字安全和人工智能领域的双

A vulnerability was found in Cakefoundation CakePHP up to 2.2.0-beta. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2012-4399. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Firejail up to 0.9.38.7/0.9.44.3 and classified as critical. Affected by this issue is some unknown functionality of the component Sandbox. The manipulation leads to improper access controls. This vulnerability is handled as CVE-2017-5180. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Wireshark up to 0.99.8. It has been classified as problematic. Affected is an unknown function of the file packet-bssap.c. The manipulation leads to denial of service. This vulnerability is traded as CVE-2008-1563. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

众所周知，社交媒体公司会雇佣大量外包帮助审核其平台上的内容，避免各种违法或违反公司政策的内容出现在用户信息流里。外包通常来自低薪水的发展中国家。社交巨头 Meta 雇佣的一家外包公司名叫

众所周知，社交媒体公司会雇佣大量外包帮助审核其平台上的内容，避免各种违法或违反公司政策的内容出现在用户信息流里。外包通常来自低薪水的发展中国家。社交巨头 Meta 雇佣的一家外包公司名叫 Samasource Kenya，该公司以及 Meta 受到起诉，案件出具的文件显示有逾 140 名肯尼亚审核人员因为天天审核恶心的内容而被诊断有严重 PTSD。这些审核人员每天工作 8 到 10 个小时，患有 PTSD、广泛性焦虑症 (GAD) 和重度抑郁症 (MDD)。文件称，恋尸癖、兽交和自残等图片和视频令审核人员晕倒、呕吐、尖叫以及跑离办公桌。诉讼称，至少有 40 名审核人员经历过药物滥用、婚姻破裂和与家人断绝关系，还有部分人担心他们监视的恐怖组织会来追捕他们。

3月1日，我们杭州见～

每年的圣诞季，老外们除了期待礼物和美味大餐，最让人兴奋的莫过于追踪圣诞老人的奇幻旅程。Google 圣诞老人追踪器 (Google Santa Tracker) 自 2004 年推出以来，已成为全球家

A vulnerability was found in Tildeslash Monit up to 4.3 Beta 2 and classified as very critical. This issue affects some unknown processing of the component Administration Interface. The manipulation leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2004-1898. The attack may be initiated remotely. Furthermore, there is an exploit available.

Glic переведет интернет на человеческий и будет понимать вас с полуслова.

本篇主要介绍了SQL注入的原理、常用payload及绕过WAF方法

A vulnerability, which was classified as critical, was found in Zoom Client up to 2.0 on Linux. Affected is an unknown function of the file ZoomLauncher of the component zoommtg:/ Scheme Handler. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2017-15048. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

从 Raycast 到如快：一个程序员的全平台效率启动器解决方案 利益相关声明： 作者与文中产品有直接的利益相关（开发者、自家产品等） Matrix 首页推荐 Matrix 是少数派的写作社区，我们

A vulnerability classified as problematic was found in Wireshark up to 2.0.0. Affected by this vulnerability is the function ipmi_fmt_udpport of the file epan/dissectors/packet-ipmi.c of the component IPMI Dissector. The manipulation leads to improper input validation. This vulnerability is known as CVE-2015-8739. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in IBM Domino 8.5.3/9.0. Affected is an unknown function of the component IMAP Service. The manipulation of the argument Mailbox Name leads to memory corruption. This vulnerability is traded as CVE-2017-1274. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Akeo Rufus up to 2.17. It has been rated as problematic. This issue affects some unknown processing of the component Update Download Validator. The manipulation leads to 7pk security features. The identification of this vulnerability is CVE-2017-13083. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Microsoft Office 2007 SP3/2010 SP2/2013 SP1/2016. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2017-11882. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Microsoft Internet Explorer 11 on Win10. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to injection. The identification of this vulnerability is CVE-2017-0154. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.