Aggregator

A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01. Affected is the function wake_on_lan. The manipulation of the argument mac leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2025-4445. It is possible to launch the attack remotely. There is no exploit available. The vendor was contacted early about this disclosure.

A vulnerability has been found in H3C GR-5400AX up to 100R008 and classified as critical. This vulnerability affects the function Edit_List_SSID of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. This vulnerability was named CVE-2025-4446. The attack needs to be approached within the local network. There is no exploit available.

A vulnerability classified as critical was found in D-Link DIR-619L 2.04B04. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument curTime leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2025-4448. The attack can be initiated remotely. There is no exploit available. The vendor was contacted early about this disclosure.

The UNIDR Intrusion Path is designed to provide a simplified view of cyber-threats and security across the network perimeter

Индия начинает цифровую чистку по геолокации.

A vulnerability, which was classified as problematic, was found in Microsoft Windows 10/Server 2016. This affects an unknown part of the component VHD Driver. The manipulation leads to improper access controls (File). This vulnerability is uniquely identified as CVE-2016-7226. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, was found in Snapstream PvsPersonal Video Station 1.2a. Affected is an unknown function of the component URL Handler. The manipulation leads to path traversal. This vulnerability is traded as CVE-2001-1108. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

A vulnerability was found in L-Soft Listserv 1.8 and classified as very critical. This issue affects some unknown processing of the component Web Archives. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2000-0425. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

为应对新型 Rootkit 工具 cuing 威胁，本文解析其攻击特征并提出针对性防御建议，助力提升安全防护能力。

为应对新型 Rootkit 工具 cuing 威胁，本文解析其攻击特征并提出针对性防御建议，助力提升安全防护能力。

“五一”假期以来，有关交通出行、旅游消费等领域的话题热度攀升，应警惕各类消费陷阱和不实信息。中国互联网联合辟谣平台提醒广大网民，保持冷静理性，共同维护清朗和谐的网络生态。

本文将在梳理欧盟对金融行业供应链安全方面主要规定的基础上，进一步提出对我国开展相关工作的启示。

近日，《中国网络法治发展报告（2024年）》发布。这是首部以国家网信办名义发布的网络法治领域综合性年度报告，也是中国网络法治发展系列年度报告的开篇，更是一份系统回顾、梳理和总结2024年我国网络法治建设和发展的“全景图”。

日前，国家发展改革委、公安部、国家数据局发布《关于全面推行以专项信用报告替代有无违法违规记录证明的通知》，各省（区、市）专项信用报告应至少涵盖行政处罚（含简易程序作出的行政处罚）、行政强制、严重失信主体名单和刑事裁判（犯罪记录）等信息。

近日，中国人民银行发布《中国人民银行业务领域数据安全管理办法》（中国人民银行令〔2025〕第3号），自2025年6月30日起施行。

“五一”假期以来，有关交通出行、旅游消费等领域的话题热度攀升，应警惕各类消费陷阱和不实信息。中国互联网联合辟谣平台提醒广大网民，保持冷静理性，共同维护清朗和谐的网络生态。

本文将在梳理欧盟对金融行业供应链安全方面主要规定的基础上，进一步提出对我国开展相关工作的启示。

近日，《中国网络法治发展报告（2024年）》发布。这是首部以国家网信办名义发布的网络法治领域综合性年度报告，也是中国网络法治发展系列年度报告的开篇，更是一份系统回顾、梳理和总结2024年我国网络法治建设和发展的“全景图”。

日前，国家发展改革委、公安部、国家数据局发布《关于全面推行以专项信用报告替代有无违法违规记录证明的通知》，各省（区、市）专项信用报告应至少涵盖行政处罚（含简易程序作出的行政处罚）、行政强制、严重失信主体名单和刑事裁判（犯罪记录）等信息。

近日，中国人民银行发布《中国人民银行业务领域数据安全管理办法》（中国人民银行令〔2025〕第3号），自2025年6月30日起施行。