Aggregator

Хакеры научились прятать вирусы там, где их никто не ищет.

《CDSL-YAK 网络安全领域编程语言—从入门到实践》出版！妈妈再也不用担心我学不会YAK了~

The UK’s financial regulators have discarded plans to force critical suppliers to disclose new vulnerabilities

三重情报，

各种问题已经持续一周时间了

A vulnerability classified as problematic was found in wasm3 139076a. This vulnerability affects unknown code. The manipulation leads to denial of service. This vulnerability was named CVE-2024-27527. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability classified as problematic was found in Linux Kernel up to 6.11.6. Affected by this vulnerability is the function il_isr of the file net/mac80211/util.c of the component iwlegacy. The manipulation leads to excessive iteration. This vulnerability is known as CVE-2024-50234. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.115/6.6.59/6.11.6. Affected by this issue is some unknown functionality of the component cfg80211. The manipulation leads to double free. This vulnerability is handled as CVE-2024-50235. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Artifex Ghostscript up to 10.03.x. This affects an unknown part of the file base/gsdevice.c of the component Filename Parser. The manipulation leads to integer overflow. This vulnerability is uniquely identified as CVE-2024-46953. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in SourceCodester Simple Music Cloud Community System 1.0. This vulnerability affects unknown code of the file /music/ajax.php?action=signup. The manipulation of the argument pp leads to unrestricted upload. This vulnerability was named CVE-2024-11054. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in Linux Kernel up to 5.10.201/5.15.139/6.1.63/6.5.12/6.6.2. Affected by this vulnerability is the function ath11k_mac_get_ar_by_pdev_id of the component ath11k. The manipulation leads to use after free. This vulnerability is known as CVE-2023-52798. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.