Aggregator

我国科学家成功构建了一个四个节点间 300 公里级的全连接量子直接通信网络。实验结果显示，即使在 300 公里的长距离传输后，各节点间的量子态保真度仍保持在 85% 以上，光子对数到达率稳定在 300—400 赫兹，这意味着经过编码后，理论通信速率可达每秒数比特。这些技术突破为量子通信网络的实用化奠定了基础。未来，这项技术有望应用于军事指挥、政务通信、金融交易等对信息安全要求极高的领域，为信息传输提供更加可靠的保障。

A vulnerability has been found in hiWeb Migration Simple Plugin up to 2.0.0.1 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2023-0769. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Cisco BroadWorks Application Delivery Platform and Xtended Services Platform. This affects an unknown part of the component Web-based Management Interface. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-20270. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Voting Record Plugin up to 2.0 on WordPress. It has been classified as problematic. Affected is an unknown function of the component Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2023-7083. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Qubely Plugin up to 1.8.4 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Block Option Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2023-0376. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Directorist Plugin up to 7.5.3 on WordPress. It has been rated as critical. This issue affects some unknown processing of the component CSV File Import. The manipulation of the argument File leads to path traversal. The identification of this vulnerability is CVE-2023-2252. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Royal Elementor Addons and Templates Plugin up to 1.3.80 on WordPress. Affected by this issue is some unknown functionality of the component AJAX Action Handler. The manipulation leads to authorization bypass. This vulnerability is handled as CVE-2023-5922. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Ecwid Ecommerce Shopping Cart Plugin up to 6.12.4 on WordPress. It has been classified as problematic. Affected is an unknown function of the component Setting Handler. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2023-6292. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Supsystic Ultimate Maps Plugin up to 1.2.15 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2023-6732. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in EventON Plugin up to 2.2.6/4.5.4 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to missing authorization. This vulnerability is known as CVE-2024-0237. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in WooCommerce Product Enquiry Plugin up to 3.1 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument page leads to cross site scripting. This vulnerability is handled as CVE-2023-7151. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in EventON Plugin up to 2.2.6/4.5.4 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component AJAX Action Handler. The manipulation leads to missing authorization. This vulnerability is known as CVE-2024-0238. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Burst Statistics Really Simple Plugin up to 1.5.3 on WordPress. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-0405. The attack can be launched remotely. There is no exploit available.

A vulnerability has been found in kalcaddle kodbox 1.49.04 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component URL Parameter Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2023-52069. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in ABO.CMS 5.9.3. It has been classified as problematic. This affects an unknown part of the component HTTP Header Handler. The manipulation of the argument Referer leads to cross site scripting. This vulnerability is uniquely identified as CVE-2023-46952. It is possible to initiate the attack remotely. There is no exploit available.

Currently trending CVE - Hype Score: 20 - CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows SSRF via the host and port parameters in a command=telnetSocket request to the /WebInterface/function/ URI.

Currently trending CVE - Hype Score: 1 - An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.

太阳黑子区域 AR 4100 上周末释放出了 M8.2 级太阳耀斑，朝地球方向喷出了日冕物质抛射，引发了 G4 级地磁风暴。地磁风暴强度范围从 G1 到 G5，其中 G5 为最高等级。此次地磁风暴是第 25 太阳周期最瞩目的太空天气事件之一，在北方产生了大范围极光。在加拿大 Alberta 省，极光覆盖了整个天空。

A vulnerability was found in Agares Media Arcadem 2.0.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument blockpage leads to sql injection. This vulnerability is handled as CVE-2007-4552. The attack may be launched remotely. Furthermore, there is an exploit available.

Three security vulnerabilities have been disclosed in preloaded Android applications on smartphones from Ulefone and Krüger&Matz that could enable any app installed on the device to perform a factory reset and encrypt an application. A brief description of the three flaws is as follows - CVE-2024-13915 (CVSS score: 6.9) - A pre-installed "com.pri.factorytest" application on Ulefone and