Aggregator

huoji 虚拟机,hypervisor,linux,虚拟化 2024-09-19 11 次浏览 0 次点赞本文由 huoji 创作，采用 知识共享署名 3.0，可自由

A vulnerability, which was classified as critical, was found in orderingapps Sweatshop 2.96. Affected is an unknown function of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is traded as CVE-2014-6843. Access to the local network is required for this attack. There is no exploit available.

複数のマイクロソフト製品に関する脆弱性が公開されています。対象となる製品およびバージョンは多岐にわたります。この問題は、Microsoft Updateなどを用いて、更新プログラムを適用することで解決します。詳細は、開発者が提供する情報を参照してください。

This is the third blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights.

We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China.

A vulnerability, which was classified as critical, has been found in Gannett Daily Advertiser Print 6.7. This issue affects some unknown processing of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. The identification of this vulnerability is CVE-2014-6842. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability classified as critical was found in RTI INDIA 3.8.21. This vulnerability affects unknown code of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability was named CVE-2014-6841. The attack needs to be done within the local network. There is no exploit available.

A vulnerability classified as critical has been found in Weddingselections My Wedding Planner 1.5. This affects an unknown part of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is uniquely identified as CVE-2014-6840. The attack can only be initiated within the local network. There is no exploit available.

A vulnerability was found in KDE K-Mail 1.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component File Handler. The manipulation leads to symlink following. This vulnerability is known as CVE-1999-0735. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in OpenBase. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file development.php. The manipulation of the argument root_prefix leads to Remote Code Execution. This vulnerability is known as CVE-2007-2947. The attack can be launched remotely. Furthermore, there is an exploit available.

A North Korean-linked threat group with a history of using fake job offers in its scams is targetin

A vulnerability, which was classified as critical, was found in Keyvan1 EShoppingPro 1.0. Affected is an unknown function of the file search_run.asp. The manipulation of the argument order leads to sql injection. This vulnerability is traded as CVE-2006-4871. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in OpenBase. It has been classified as critical. Affected is an unknown function of the file download.php. The manipulation of the argument root_prefix leads to Remote Code Execution. This vulnerability is traded as CVE-2007-2947. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

==========================================================================Ubuntu Security Notice U

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- --------------------------------------------------

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source: https://malvuln.co

Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source: https://malvuln.co