Aggregator

登录 注册

更多行业动态，敬请关注安全419

主要动态汇总如下：（企业排列不分先后）01腾讯云金融安全峰会在沪顺利召开12月6日，腾讯云在上海举办2024腾讯云金融安全峰会，以“安全价值显性化：共筑金融安全生命线”为主题，邀请安全专家及金融行业T

A vulnerability, which was classified as critical, has been found in Changing Information Technology CGFIDO up to 1.2.0. Affected by this issue is some unknown functionality of the component Device Authentication Login. The manipulation leads to authentication bypass by capture-replay. This vulnerability is handled as CVE-2024-12839. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as very critical was found in Quanta Computer QOCA Aim. Affected by this vulnerability is an unknown functionality of the component Account Information Handler. The manipulation of the argument User ID leads to authorization bypass. This vulnerability is known as CVE-2024-13040. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as very critical has been found in Changing Information Technology CGFIDO up to 1.0.x. Affected is an unknown function of the component Passwordless Login. The manipulation leads to authentication bypass by assumed-immutable data. This vulnerability is traded as CVE-2024-12838. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Hunk Companion Plugin up to 1.8.x on WordPress. It has been rated as problematic. This issue affects some unknown processing of the component REST API Endpoint. The manipulation leads to missing authorization. The identification of this vulnerability is CVE-2024-11972. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Sun Solaris 2.5/2.5.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component ufsrestore. The manipulation leads to memory corruption. This vulnerability is handled as CVE-1999-0069. The attack needs to be approached locally. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Apple iOS up to 9.0. This affects an unknown part of the component IOAcceleratorFamily. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2015-6996. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Mirabilis ICQ 2.6 X Beta on MacOS X. Affected is an unknown function of the component Request Handler. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2002-1773. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

2024年度十大漏洞盘点：最高影响设备量数以亿计

数字时代，一切都架构在软件、网络、大数据之上。由于硬件、软件、协议在具体实现或操作系统安全策略上总会存在缺陷，所以漏洞无法避免。在即将过去的2024年中，安全漏洞数量持续增长，类型日趋多样化。据360

本月玩什么 | 夺宝奇兵、LOK Digital、纪念碑谷 3 欢迎来到「本月玩什么」，本栏目将从作者个人角度出发，独立挑选一些本月新发售的游戏作品/内容做简要介绍、评论，不保证收录覆盖面，且并非每

Hey dev community! With the holidays right around the corner, it feels like the perfect time to talk

Authors:(1) Jorge P. Rodrıguez, Instituto de Fiscia Interdisciplinar y Sistemas Complejos (IFISC),

A vulnerability was found in Apple Mac OS X up to 10.11.0. It has been rated as critical. Affected by this issue is some unknown functionality of the component Disk Images. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2015-6995. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

本周，互联网网络安全态势整体评价为良。