Aggregator

A vulnerability, which was classified as critical, was found in berylium Berylium2 2003-08-18. Affected is an unknown function of the file berylium-classes.php. The manipulation of the argument beryliumroot leads to file inclusion. This vulnerability is traded as CVE-2007-2531. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

欧盟消费者保护组织 European Consumer Organisation (BEUC)及其 22 国成员提起诉讼，指控游戏公司 Epic Games、EA、Roblox、微软旗下的动视暴雪和 Mojang Studios、腾讯控股的 Supercell 以及法国育碧欺骗消费者，引诱玩家花钱。BEUC 总干事 Agustin Reyna 在一份声明中表示，其成员确认了玩家被误导花钱的大量案例。监管机构必须采取行动，明确即使游戏世界是虚拟的，它仍需要遵守现实世界的规则。消费者保护组织称，他们担心，玩家尤其是儿童，可能看不到游戏内数字物品的真实代价，因而超额支出。

期待越来越多的选手可以参与到下一届的比赛中~

期待越来越多的选手可以参与到下一届的比赛中~

Apache ActiveMQおよびApache ActiveMQ Legacy OpenWire Moduleにはリモートコード実行が可能となる脆弱性があります。

ISC（Internet Systems Consortium）が提供するISC BINDには、複数の脆弱性が存在します。

The Apache Software Foundationが提供するApache Struts 2には、サービス運用妨害（DoS）の脆弱性が存在します。

Apache TomcatにはApache Commons FileUploadによる、サービス運用妨害（DoS）の脆弱性が存在します。

The Apache Software Foundation から、Apache Tomcat の脆弱性に対するアップデートが公開されました。

With an immature codebase and a "rather chaotic encryption scheme" prone to failure, the group targets small businesses with custom malware.

Инструмент открывает новые горизонты в OSINT и пентесте.

A vulnerability, which was classified as problematic, was found in Loway QueueMetrics. Affected is an unknown function. The manipulation leads to open redirect. This vulnerability is traded as CVE-2024-42341. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Loway QueueMetrics and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to http request smuggling. This vulnerability is known as CVE-2024-42342. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Samsung Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920 and Exynos W93. Affected by this issue is the function slsi_rx_roamed_ind. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2024-27364. The attack needs to be done within the local network. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Loway QueueMetrics. This issue affects some unknown processing. The manipulation leads to observable response discrepancy. The identification of this vulnerability is CVE-2024-42343. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in TrueBooker Plugin up to 1.0.2 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-6924. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in TrueBooker Plugin up to 1.0.2 on WordPress and classified as problematic. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-6925. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in WP MultiTasking Plugin up to 0.1.12 on WordPress. It has been classified as problematic. Affected is an unknown function of the component SMTP Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-6856. It is possible to launch the attack remotely. There is no exploit available.