Aggregator
SecWiki News 2024-12-25 Review
8 months 1 week ago
2024-12-25自动化大规模恶意软件工厂:安卓恶意软件生成中搭载式攻击与对... ourren
Five lesser known Task Manager features in Windows 11
8 months 1 week ago
Windows 11 is far from perfect, but it does make Task Manager significantly better. In this article, we're going to take a closer look at some of our favourite Task Manager features. [...]
Mayank Parmar
微软正尝试 AI 模型多元化在 Microsoft 365 Copilot 引入其它公司的模型
8 months 1 week ago
OpenAI 的最大投资者和盟友微软正致力于为其 AI 产品 Microsoft 365 Copilot 引入其它公司的 AI 模型,以实现多元化并降低成本,同时减少对 OpenAI 的依赖。微软发言人对此回应称,OpenAI 仍然是该公司在前沿模型(Frontier Models)上的合作伙伴。微软表示它根据产品和体验整合来自 OpenAI 和微软的各种模型。微软旗下的代码托管平台 GitHub 已经整合了 Anthropic 和 Google 的 AI 模型。
antigov is Allegedly Selling Sudo SSH Access to 190+ Stanford University Servers for $100,000
8 months 1 week ago
antigov is Allegedly Selling Sudo SSH Access to 190+ Stanford University Servers for $100,000
Dark Web Informer - Cyber Threat Intelligence
Sarcoma
8 months 1 week ago
cohenido
Google 合同工被要求对比 Gemini AI 和 Claude 的结果
8 months 1 week ago
帮助 Google 改进 AI 模型的合同工被要求对比 Gemini AI 与竞争对手 Anthropic 公司的 Claude 模型的输出结果。科技巨头们正在竞相构建更出色的 AI 模型,模型的性能通常会与竞争对手进行比较,但主要是通过行业基准测试,而不是让合同工们费力去评估竞争对手 AI 的反应。Google Gemini AI 模型的合同工们被要求根据真实性和详细程度等指标对每个 AI 响应进行评分,每次提示有最多 30 分钟时间去判断 Gemini 和 Claude 谁的答案更好。
CVE-2024-12939 | code-projects Job Recruitment 1.0 /_parse/_all_edits.php add_edu degree sql injection
8 months 1 week ago
A vulnerability was found in code-projects Job Recruitment 1.0. It has been rated as critical. This issue affects the function add_edu of the file /_parse/_all_edits.php. The manipulation of the argument degree leads to sql injection.
The identification of this vulnerability is CVE-2024-12939. The attack may be initiated remotely. Furthermore, there is an exploit available.
Other parameters might be affected as well.
vuldb.com
CVE-2024-52535 | Dell SupportAssist for Home PCs symlink (dsa-2024-470)
8 months 1 week ago
A vulnerability was found in Dell SupportAssist for Home PCs and SupportAssist for Business PCs. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to symlink following.
This vulnerability was named CVE-2024-52535. It is possible to launch the attack on the local host. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2023-5117 | GitLab Community Edition/Enterprise Edition up to 17.5.x exposure of sensitive information due to incompatible policies
8 months 1 week ago
A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 17.5.x. It has been classified as problematic. This affects an unknown part. The manipulation leads to exposure of sensitive information due to incompatible policies.
This vulnerability is uniquely identified as CVE-2023-5117. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-47102 | IBM AIX/VIOS perfstat Kernel Extension denial of service
8 months 1 week ago
A vulnerability was found in IBM AIX and VIOS and classified as problematic. Affected by this issue is some unknown functionality of the component perfstat Kernel Extension. The manipulation leads to denial of service.
This vulnerability is handled as CVE-2024-47102. Local access is required to approach this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-12938 | code-projects Simple Admin Panel 1.0 updateOrderStatus.php record sql injection
8 months 1 week ago
A vulnerability has been found in code-projects Simple Admin Panel 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file updateOrderStatus.php. The manipulation of the argument record leads to sql injection.
This vulnerability is known as CVE-2024-12938. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-12937 | code-projects Simple Admin Panel 1.0 addVariationController.php qty sql injection
8 months 1 week ago
A vulnerability, which was classified as critical, was found in code-projects Simple Admin Panel 1.0. Affected is an unknown function of the file addVariationController.php. The manipulation of the argument qty leads to sql injection.
This vulnerability is traded as CVE-2024-12937. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-12936 | code-projects Simple Admin Panel 1.0 catDeleteController.php record sql injection
8 months 1 week ago
A vulnerability, which was classified as critical, has been found in code-projects Simple Admin Panel 1.0. This issue affects some unknown processing of the file catDeleteController.php. The manipulation of the argument record leads to sql injection.
The identification of this vulnerability is CVE-2024-12936. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-12935 | code-projects Simple Admin Panel 1.0 editItemForm.php record sql injection
8 months 1 week ago
A vulnerability classified as critical was found in code-projects Simple Admin Panel 1.0. This vulnerability affects unknown code of the file editItemForm.php. The manipulation of the argument record leads to sql injection.
This vulnerability was named CVE-2024-12935. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #467816: code-projects job-recruitment-in-php V1.0 SQL INJECTION [Accepted]
8 months 1 week ago
Submit #467816 / VDB-289295
Hl0kk
CVE-2024-12934 | code-projects Simple Admin Panel 1.0 updateItemController.php p_desk sql injection
8 months 1 week ago
A vulnerability classified as critical has been found in code-projects Simple Admin Panel 1.0. This affects an unknown part of the file updateItemController.php. The manipulation of the argument p_desk leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-12934. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-12933 | code-projects Simple Admin Panel 1.0 updateItemController.php p_name/p_desc cross site scripting
8 months 1 week ago
A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file updateItemController.php. The manipulation of the argument p_name/p_desc leads to cross site scripting.
This vulnerability is handled as CVE-2024-12933. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-12932 | code-projects Simple Admin Panel 1.0 addSizeController.php size cross site scripting
8 months 1 week ago
A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file addSizeController.php. The manipulation of the argument size leads to cross site scripting.
This vulnerability is known as CVE-2024-12932. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-12931 | code-projects Simple Admin Panel 1.0 /addCatController.php size sql injection
8 months 1 week ago
A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been classified as critical. Affected is an unknown function of the file /addCatController.php. The manipulation of the argument size leads to sql injection.
This vulnerability is traded as CVE-2024-12931. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com