Aggregator

A vulnerability classified as critical was found in Siemens Solid Edge up to 224.0 Update 4. Affected by this vulnerability is an unknown functionality of the component PAR File Handler. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2024-33492. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as critical, has been found in Siemens Solid Edge up to 224.0 Update 4. Affected by this issue is some unknown functionality of the component PAR File Handler. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2024-33493. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Siemens Simcenter Nastran 2306, Simcenter Nastran 2312 and Simcenter Nastran 2406 and classified as critical. This vulnerability affects unknown code. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2024-33577. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

当反序列化过程中自动加载了恶意类（通过@type指定）时，可能触发任意代码执行。

A vulnerability was found in Yaeger CMS 1.2.1. It has been rated as critical. This issue affects some unknown processing of the component Password Recovery. The manipulation of the argument userEmail leads to sql injection. The identification of this vulnerability is CVE-2015-7568. The attack may be initiated remotely. Furthermore, there is an exploit available.

Первые тесты внушают оптимизм, но главное впереди.

A vulnerability was found in Siemens JT2Go and Teamcenter Visualization and classified as critical. This issue affects some unknown processing of the component XML File Handler. The manipulation leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2024-34085. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens JT2Go and Teamcenter Visualization. It has been classified as critical. Affected is an unknown function of the component CGM File Handler. The manipulation leads to out-of-bounds write. This vulnerability is traded as CVE-2024-34086. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens Solid Edge up to 224.0 Update 1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component PAR File Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is known as CVE-2024-34771. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Siemens Solid Edge up to 224.0 Update 3. It has been rated as critical. Affected by this issue is some unknown functionality of the component PAR File Handler. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2024-34772. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic has been found in wpdevteam Essential Addons for Elementor Plugin up to 5.9.20 on WordPress. This affects an unknown part. The manipulation of the argument eael_ext_toc_title_tag leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-4624. It is possible to initiate the attack remotely. There is no exploit available.

JNDI 是 Java 提供的统一资源访问接口，支持通过名称（如ldap://example.com/obj）动态加载远程对象。

A vulnerability classified as critical was found in Siemens Solid Edge up to 224.0 Update 1. This vulnerability affects unknown code of the component PAR File Handler. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2024-34773. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Siemens CPC80 Central Processing Communication and CPCI85 Central Processing Communication. It has been classified as critical. This affects an unknown part of the component HTTP Header Handler. The manipulation leads to improper null termination. This vulnerability is uniquely identified as CVE-2024-31484. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens Parasolid. It has been declared as critical. This vulnerability affects unknown code of the component X_T File Handler. The manipulation leads to out-of-bounds write. This vulnerability was named CVE-2024-31980. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Siemens PS IGES Parasolid Translator Component. It has been rated as critical. This issue affects some unknown processing of the component IGS File Handler. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2024-32055. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical has been found in Siemens PS IGES Parasolid Translator Component. Affected is an unknown function of the component IGS File Handler. The manipulation leads to type confusion. This vulnerability is traded as CVE-2024-32057. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

根据发表在《GeoHealth》期刊上的一项研究，火星尘埃含有的细小颗粒和二氧化硅、金属等有害物质，会对宇航员的健康构成严重威胁，使火星任务比之前认为的更加危险。在执行阿波罗登月任务期间，宇航员就遭受过月球尘埃的侵袭。月球尘埃吸附在宇航服上，渗透进入月陆器，导致咳嗽、流泪和喉咙发炎。研究表明，长期接触会对健康带来慢性影响。火星尘埃不像月球尘埃那样锐利且粗糙，但它也具有粘附在一切物体上的倾向，细小颗粒可以深入肺部并进入血液。尘埃中的有毒物质包括二氧化硅、石膏和各种金属。执行火星任务的宇航员不可能迅速返回地球接受治疗。40 分钟的通信延迟也会限制来自地球的远程医疗支持。研究人员建议限制接触灰尘，使用空气过滤器、自我清洁太空服和静电排斥装置。

A vulnerability was found in Mozilla Firefox up to 50. It has been rated as critical. Affected by this issue is some unknown functionality of the component DOM Event Handler. The manipulation leads to use after free. This vulnerability is handled as CVE-2016-9899. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

关键词数据泄露近日，多位小红书用户反映，小红书后台持续高频获取用户位置信息，有用户最高3天内被访问1.7万次，