Aggregator

A vulnerability was found in GNU MPlayer 1.02rc2 and classified as critical. Affected by this issue is some unknown functionality of the component FLAC Comment Parser. The manipulation leads to numeric error. This vulnerability is handled as CVE-2008-0485. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

越权漏洞，用户能够修改或访问其他用户（包括管理员）的数据或权限。

A vulnerability classified as critical was found in Proticaret 3.0. Affected by this vulnerability is an unknown functionality of the component SOAP. The manipulation leads to sql injection. This vulnerability is known as CVE-2014-9237. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Laravel Framework up to 5.5.21. It has been classified as problematic. This affects the function writeNewEnvironmentFileWith of the file /.env of the component Permission. The manipulation as part of Password leads to information disclosure (Password). This vulnerability is uniquely identified as CVE-2017-16894. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Micro Focus Filr up to 3.x SU5. Affected is an unknown function of the component famtd. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2019-3475. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in phpAlbum up to 0.4.1.16. This affects an unknown part of the file main.php. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2011-4806. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Apple Mac OS X 10.1.x and classified as critical. Affected by this vulnerability is an unknown functionality of the component Software Update. The manipulation leads to improper privilege management. This vulnerability is known as CVE-2002-0676. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

2025年1月11日09:00-1月13日09:00 开年之战已就绪

2025年1月11日09:00-1月13日09:00 开年之战已就绪

2025年1月11日09:00-1月13日09:00 开年之战已就绪

2025年1月11日09:00-1月13日09:00 开年之战已就绪

2025年1月11日09:00-1月13日09:00 开年之战已就绪

第九届XCTF国际网络攻防联赛 Vol.4新的赛年，新的征程2025年1月11日09:00-1月13日09:00「 SUCTF 2025 」开年之战已就绪热爱即将凝聚...  本场赛事由联合战队「SU

A vulnerability was found in Subversion 1.0/1.0.1/1.0.2. It has been declared as critical. This vulnerability affects the function sscanf. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2004-0397. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Let’s face it: most of us dislike bureaucracy. The endless forms, the rigid processes, and the perceived complexity. “Why can’t things be simpler?” we often ask, blaming bureaucratic systems for complicating everything. However, sometimes—perhaps even often—bureaucracy has its merits. It provides logic, structure, and safeguards that are invaluable, particularly in today’s threat landscape. A New […]

The post In Praise of Bureaucracy – A New Era of Cyber Threats appeared first on CybeReady.

The post In Praise of Bureaucracy – A New Era of Cyber Threats appeared first on Security Boulevard.

Let’s face it: most of us dis

一脏牛漏洞从动态链接库加载机制时，我们就知道了一个事情，Linux会将需要初始化操作推迟到真正使用时才会初始化，而不是在准备阶段就直接进行所有的初始化操作。这一点也体现在进程的使用过程当中。首先，上面

数字化时代，系统漏洞如同隐形的威胁，潜伏在企业网络的每个角落。0day漏洞的发现与利用，已成为黑客攻击的主要手段，给企业安全带来巨大的威胁和挑战。我们特别推出了“系统0day安全”系列课程，本系列课程

看雪论坛作者ID：福建炒饭乡会