Aggregator

ISC（Internet Systems Consortium）が提供するISC BINDには、複数の脆弱性が存在します。

The Apache Software Foundationが提供するApache Struts 2には、サービス運用妨害（DoS）の脆弱性が存在します。

Apache TomcatにはApache Commons FileUploadによる、サービス運用妨害（DoS）の脆弱性が存在します。

The Apache Software Foundation から、Apache Tomcat の脆弱性に対するアップデートが公開されました。

With an immature codebase and a "rather chaotic encryption scheme" prone to failure, the group targets small businesses with custom malware.

Инструмент открывает новые горизонты в OSINT и пентесте.

A vulnerability, which was classified as problematic, was found in Loway QueueMetrics. Affected is an unknown function. The manipulation leads to open redirect. This vulnerability is traded as CVE-2024-42341. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Loway QueueMetrics and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to http request smuggling. This vulnerability is known as CVE-2024-42342. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Samsung Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920 and Exynos W93. Affected by this issue is the function slsi_rx_roamed_ind. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2024-27364. The attack needs to be done within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Loway QueueMetrics. This issue affects some unknown processing. The manipulation leads to observable response discrepancy. The identification of this vulnerability is CVE-2024-42343. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in TrueBooker Plugin up to 1.0.2 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-6924. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in TrueBooker Plugin up to 1.0.2 on WordPress and classified as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-6925. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in WP MultiTasking Plugin up to 0.1.12 on WordPress. It has been classified as problematic. Affected is an unknown function of the component SMTP Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-6856. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability classified as problematic has been found in WP MultiTasking Plugin up to 0.1.12 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-6859. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /inccatadd.php. The manipulation of the argument title leads to sql injection. This vulnerability is handled as CVE-2024-8570. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file roll_cms/roll_cms/views.py. The manipulation leads to information exposure through error message. This vulnerability is uniquely identified as CVE-2024-8571. The attack needs to be approached within the local network. There is no exploit available. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

A vulnerability was found in Gouniverse GoLang CMS 1.4.0. It has been declared as problematic. This vulnerability affects the function PageRenderHtmlByAlias of the file FrontendHandler.go. The manipulation of the argument alias leads to cross site scripting. This vulnerability was named CVE-2024-8572. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

万物安全精品发布会预约！

企业组12强与创客组6强，谁能问鼎冠军？

云原生安全是云安全的进阶阶段，它不仅继承了云安全的理念和方法，而且在技术和服务模式上有所深化和发展。