Aggregator

Summarizing the past, embraci

A vulnerability, which was classified as problematic, was found in Coherent Graphics CPDF up to 2.8. Affected is an unknown function of the component PDF Document Handler. The manipulation leads to uncontrolled recursion. This vulnerability is traded as CVE-2024-54731. An attack has to be approached locally. There is no exploit available.

ABBが提供する複数の製品には、複数の脆弱性が存在します。

哥伦布 写道：1975 年 1 月份的《大众电子》(Popular Electronics)杂志封面刊登了一则划时代的广告，那是一台售价 397 美金的名为 Altair 8800 的计算机套件。从技术规格看，Altair 8800 的配置可以说相当简陋：标准版只有 256 字节内存，没有键盘和显示器，程序需要通过前面板上的开关以二进制方式输入，输出则通过 LED 指示灯显示。但正是这种简约的设计，让它的价格得以降到普通消费者可以接受的水平。这期杂志启发了 21 岁的霍尼韦尔程序员保罗·艾伦和 19岁 的哈佛大学学生比尔·盖茨，他们认为个人计算机时代即将来临，而为这样的计算机开发软件将成为巨大的市场。于是他们开始在哈佛大学的PDP-10大型机上用模拟器进行开发，经过8周的昼夜不停工作，最终完成了仅3.2KB大小却功能完整的BASIC解释器。程序最终成功出售给了MITS公司，并催生了"微软"公司（最初名为"Micro-Soft"），它于1975年4月正式成立。 很难想象在短短几十年前，拥有一台个人计算机还是一个遥不可及的梦想。Altair 8800 的发布，不仅开创了个人计算机时代，还培育了包括微软在内的众多科技巨头，影响了整个数字革命的进程。它提醒我们，创新不仅需要技术突破，更需要让技术走向大众，真正改变人们的生活。

哥伦布 写道：1975 年 1 月份的《大众电子》(Popular Electronics)杂志封面刊登了一则划时代的广告，那是一台售价 397 美金的名为 Altair 8800 的计算

Nedap Librixが提供するEcoreaderには、重要な機能に対する認証の欠如の脆弱性が存在します。

A CVSS score 7.3 AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-01-08, 55 days ago. The vendor is given until 2025-05-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.3 AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-01-08, 55 days ago. The vendor is given until 2025-05-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.3 AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Michael DePlante (@izobashi) of Trend Micro's Zero Day Initiative' was reported to the affected vendor on: 2025-01-08, 55 days ago. The vendor is given until 2025-05-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2025-01-08, 55 days ago. The vendor is given until 2025-05-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 4.4 AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-01-08, 55 days ago. The vendor is given until 2025-05-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 7.5 AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'phudq and namnp from Viettel Cyber Security' was reported to the affected vendor on: 2025-01-08, 55 days ago. The vendor is given until 2025-05-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

A CVSS score 3.3 AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2025-01-08, 23 days ago. The vendor is given until 2025-05-08 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

名为“FlowerStorm”的新 Microsoft 365 网络钓鱼即服务平台填补了 Rockstar2FA 网络犯罪服务突然关闭所留下的空白。Trustwave 于 2024 年 11 月下旬首

无论 FlowerStorm 突然崛起背后的原因是什么，对于用户和企业来说，它是破坏性网络 钓鱼攻击的又一推动因素，可能导致全面的网络攻击。

能源行业是国家经济的重要支柱，安全问题关系到社会稳定和国民经济的正常运转。随着智能电网和物联网技术的应用，能源行业在提升效率和管理水平的同时，也面临着日益复杂的安全挑战。本期我们将通过一些典型案例，展示能源行业如何实现安全运营，确保关键基础设施的可靠性和安全性。 PS：典型案例展示排名不分先后，按企业简称首字母排序。

Netblocks 的监测显示，俄罗斯圣彼得堡 ISP Nodex 的固网和移动网络全面瘫痪，这一事件目前还在持续之中。该公司报告它遭受了乌克兰的网络攻击，导致其网络被破坏。而乌克兰黑客组织 Ukraine Cyber Alliance 称他们删除了包括备份在内的 Nodex 数据。

登录 注册