Aggregator

纽创信安祝大家元旦快乐！

纽创信安祝大家元旦快乐！

中国计划于 2025 年在戈壁滩开始建造一座 10MWt 钍基熔盐反应堆。该反应堆由中科院上海应用物理研究所管理，计划于 2030 年投入运营。钍基熔盐反应堆建造地点是甘肃省武威市民勤县红砂岗，此前当地已经建造了一座 2MWt 钍基熔盐实验堆，2021 年完工和投入运行。相比传统的铀反应堆，钍的储存量更丰富，而中国的钍储藏量位居世界前列。钍基反应堆产生的核废料也更少，使用熔盐作为燃料和冷却剂也有助于减少对大量水的需求，可以在水资源缺乏的地区建造反应堆。

A vulnerability, which was classified as critical, was found in Netscreen ScreenOS 1.73 r1/2.1 r6/2.5 r1/2.10 r3. Affected is an unknown function of the component WebUI. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2001-0007. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in SCO OpenServer 5.0.6. This affects an unknown part of the component lpadmin. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2001-0579. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

根据国家信息安全漏洞库（CNNVD）统计，本周2024年12月23日至2024年12月29日）安全漏洞情况如下。

A vulnerability classified as critical was found in WPLMS Theme Plugin on WordPress. This vulnerability affects unknown code of the component File Upload. The manipulation leads to improper authentication. This vulnerability was named CVE-2024-56046. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in WPLMS Theme Plugin on WordPress. Affected is an unknown function. The manipulation leads to sql injection. This vulnerability is traded as CVE-2024-56042. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in VibeBP Plugin and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. This vulnerability is handled as CVE-2024-56039. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in VibeBP Plugin. It has been classified as critical. This affects an unknown part. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2024-56041. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in vBulletin 5.0.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument nodeid leads to sql injection. This vulnerability is known as CVE-2013-3522. The attack can be launched remotely. Furthermore, there is an exploit available.

25年欢迎多私聊讨论技术问题

25年欢迎多私聊讨论技术问题

25年欢迎多私聊讨论技术问题

25年欢迎多私聊讨论技术问题

25年欢迎多私聊讨论技术问题

25年欢迎多私聊讨论技术问题

25年欢迎多私聊讨论技术问题

2024 marks 13 years in security, 10 in offensive security,

OverviewThe Cybersecurity and Infrastructure Security Agency (CERT-In) released an urgent