Aggregator

国际 Ｃ 语言混乱代码大赛（IOCCC, The International Obfuscated C Code Contest）是一项国际程序设计赛事，旨在写出最有创意和最让人难以理解的

国际 Ｃ 语言混乱代码大赛（IOCCC, The International Obfuscated C Code Contest）是一项国际程序设计赛事，旨在写出最有创意和最让人难以理解的 C 语言代码。从 1984 年开始，该赛事基本每年举办一次，但有过多次中断，过去四年就中断了举办。组织者在 Mastodon 上宣布了纪念 40 周年的 IOCCC28 竞赛，报名始于 2024-12-29 23:58:13.213455 UTC 截止日期 2025-04-01 23:29:31.374143 UTC。

Poliisi, Finland’s police service, has transferred a cargo ship suspected of breaking several subma

Name: AlpacaHack Round 8 (Rev) (an AlpacaHack event.)
Date: Dec. 30, 2024, 3 a.m. — 30 Dec. 2024, 09:00 UTC  [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://alpacahack.com/
Rating weight: 0
Event organizers: AlpacaHack

A vulnerability was found in CommodityRentals Video Games Rentals. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument pfid leads to sql injection. This vulnerability is traded as CVE-2010-0690. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Netscape Enterprise Server 3.0/3.6/3.51. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Directory Indexing Handler. The manipulation of the argument wp-ver-info/wp-cs-dump leads to information disclosure. This vulnerability is handled as CVE-2000-0236. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Ключевой момент для индустрии информационной безопасности.

The United States Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data against potential cyber attacks. The proposal, which seeks to modify the Health Insurance Portability and Accountability Act (HIPAA) of 1996, is part of a broader initiative to bolster the

Cybersecurity / ComplianceThe United States Department of Health and Human Services' (HHS) Office

kubernetes

A vulnerability, which was classified as problematic, has been found in Todd Miller sudo 1.8.6p6. This issue affects some unknown processing of the component Authentication Handler. The manipulation as part of Time Reset leads to improper access controls. The identification of this vulnerability is CVE-2013-1775. An attack has to be approached locally. Furthermore, there is an exploit available. Due to its background and reception, this vulnerability has an historic impact. It is recommended to upgrade the affected component.

A vulnerability has been found in lm-sys fastchat and classified as critical. This vulnerability affects unknown code of the file /worker_generate_stream of the component API Endpoint. The manipulation leads to server-side request forgery. This vulnerability was named CVE-2024-10044. The attack can be initiated remotely. There is no exploit available.

声明：该公众号大部分文章来自作者日常学习笔记，未经授权，严禁转载，如需转载，联系洪椒攻防实验室公众号。请勿利用文章内的相关技术从事非法测试，如因此产生的一切不良后果与文章作者和本公众号无关。

S声明：该公众号大部分文章来自作者日常学习笔记，未经授权，严禁转载，如需转载，联系洪椒攻防实验室公众号。请勿利用文章内的相关技术从事非法测试，如因此产生的一切不良后果与文章作者和本公众号无关。0x00

A vulnerability classified as critical was found in SAP HANA 1.00.095. This vulnerability affects unknown code of the component hdbindexserver. The manipulation leads to memory corruption. This vulnerability was named CVE-2015-7986. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in Visale 1.0. This issue affects some unknown processing of the file pbpgst.cgi. The manipulation of the argument listno leads to basic cross site scripting. The identification of this vulnerability is CVE-2006-1946. The attack may be initiated remotely. Furthermore, there is an exploit available.

Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whether it's a hidden flaw in popular software or a clever new attack method, staying informed is key to protecting yourself and your organization. In this week's update, we'll cover the most important developments in

Cybersecurity / Hacking NewsEvery week, the digital world faces new challenges and changes. Hacker

About Bruce SchneierI am a public-interest technologist, working at the intersection of security,

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2024-3393 Palo Alto Networks PAN-OS Malformed DNS Packet Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.