Aggregator

OpenAI has again confirmed that it will unify multiple models into one and create GPT-5, which is expected to ship sometime in the summer. [...]

A vulnerability has been found in Microsoft Internet Explorer 8/9 and classified as critical. This vulnerability affects unknown code of the component HTTP/HTTPS Request Handler. The manipulation leads to configuration. This vulnerability was named CVE-2013-1451. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to replace the affected component with an alternative.

该文章描述了一段恶意代码片段，用于通过Python pip安装特定模块并执行加密请求操作。

A vulnerability, which was classified as critical, was found in Comodo Internet Security Premium 12.3.4.8162. Affected is an unknown function of the component File Name Handler. The manipulation of the argument name/folder leads to path traversal. This vulnerability is traded as CVE-2025-7098. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Windows 11的Notepad新增Markdown格式功能，默认开启。用户可通过工具栏选择标题、子标题、正文、项目符号等格式，并支持加粗、斜体和超链接。该功能轻量且不影响性能，可随时关闭或清除格式。

BERT is a newly emerged ransomware group that pairs simple code with effective execution—carrying out attacks across Europe and Asia. In this entry, we examine the group’s tactics, how their variants have evolved, and the tools they use to get past defenses and speed up encryption across platforms.

当前已知的 公开的 第一款 基于规则的 多语言的 快速的 GUI的 代码审计工具。

多层次防护设计，确保虚拟电厂安全稳定运行。

Notepad now lets you use markdown text formatting on Windows 11, which means you can write in Notepad just like you could in WordPad. [...]

A vulnerability was found in HPE OpenCall Media Platform 4.3.2. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to injection. This vulnerability was named CVE-2017-5799. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

OpenAI's "Study together" mode has been spotted in the wild, and it could help students prepare for exams directly from ChatGPT. [...]

A vulnerability was found in Google Chrome. It has been classified as critical. This affects an unknown part of the component File System API. The manipulation leads to Remote Code Execution. This vulnerability is uniquely identified as CVE-2023-0140. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in xml2js 0.4.23. This vulnerability affects unknown code of the component JSON Key Handler. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). This vulnerability was named CVE-2023-0842. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in Google Chrome and classified as critical. Affected by this issue is some unknown functionality of the component Downloads. The manipulation leads to insufficient verification of data authenticity. This vulnerability is handled as CVE-2023-0139. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Google Chrome and classified as critical. Affected by this vulnerability is an unknown functionality of the component libphonenumber. The manipulation leads to heap-based buffer overflow. This vulnerability is known as CVE-2023-0138. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Google Chrome. Affected is an unknown function of the component Platform Apps. The manipulation leads to heap-based buffer overflow. This vulnerability is traded as CVE-2023-0137. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Google Chrome. This vulnerability affects unknown code of the component Cart. The manipulation leads to use after free. This vulnerability was named CVE-2023-0135. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in FlatNuke 2.5.3. This affects an unknown part of the component Error Message Handler. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2005-1893. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. Affected by this vulnerability is the function formSetLanguage of the file /goform/formSetLanguage of the component webs. The manipulation of the argument webpage leads to stack-based buffer overflow. This vulnerability is known as CVE-2025-7093. The attack can be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Belkin F9K1122 1.00.33. It has been rated as critical. Affected by this issue is the function formBSSetSitesurvey of the file /goform/formBSSetSitesurvey of the component webs. The manipulation of the argument submit-url-ok leads to stack-based buffer overflow. This vulnerability is handled as CVE-2025-7094. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.