Aggregator

Submit #452471 / VDB-286347

A vulnerability classified as critical was found in code-projects Simple Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. This vulnerability is known as CVE-2024-11962. The attack can be launched remotely. Furthermore, there is an exploit available.

Submit #452106 / VDB-286346

A vulnerability classified as problematic has been found in wpdevteam EmbedPress Plugin up to 4.1.3 on WordPress. Affected is an unknown function. The manipulation of the argument provider_name leads to cross site scripting. This vulnerability is traded as CVE-2024-11203. It is possible to launch the attack remotely. There is no exploit available.

Submit #452084 / VDB-286345

A vulnerability was found in Guangzhou Huayi Intelligent Technology Jeewms 3.7. It has been rated as problematic. This issue affects the function preHandle of the file src/main/java/com/zzjee/wm/controller/WmOmNoticeHController.java. The manipulation of the argument request leads to information disclosure. The identification of this vulnerability is CVE-2024-11961. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way. The vendor was contacted early about this disclosure but did not respond in any way.

Microsoft has re-released the November 2024 Security Update (SU) with enhancements to rectify problems encountered with transport rules. Originally rolled out on November 12, 2024, as part of its ongoing security update efforts, the initial SU (referred to as Nov 2024 SUv1 with article KB5044062) led to unexpected interruptions in transport rules, impacting certain environments […]

The post Microsoft Re-Releasing Exchange Server Nov 2024 Security Update Fixing Transport Rules appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Submit #449698 / VDB-286245

Submit #445596 / VDB-286343

A vulnerability was found in D-Link DIR-605L 2.13B01. It has been declared as critical. This vulnerability affects the function formSetPortTr of the file /goform/formSetPortTr. The manipulation of the argument curTime leads to buffer overflow. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2024-11960. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in D-Link DIR-605L 2.13B01. It has been classified as critical. This affects the function formResetStatistic of the file /goform/formResetStatistic. The manipulation of the argument curTime leads to buffer overflow. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is uniquely identified as CVE-2024-11959. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

ProjectSend认证绕过漏洞(CVE-2024-11680)

Submit #447485 / VDB-286342

Submit #447484 / VDB-286341

A vulnerability classified as critical was found in Munica NetSQL 1.0. This vulnerability affects unknown code. The manipulation of the argument CONNECT leads to memory corruption. This vulnerability was named CVE-2001-1163. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

В одно беспокойное утро жизнь целого города остановилась.

你可能错过的新鲜事红米发布 REDMI K80 系列手机11 月 27 日，REDMI 红米品牌推出 K80 系列手机。REDMI K80 系列分为 K80 和 K80 Pro 两个型号，其中，K

A new vulnerability has been discovered in Windows 11, specifically affecting the 23H2 version. This vulnerability is identified in the ksthunk.sys driver, allows attackers to exploit an integer overflow in the CKSAutomationThunk::ThunkEnableEventIrp function to escalate their privileges on the system. Technical Details The flaw was highlighted during the TyphoonPWN 2024 event, where an independent security researcher successfully demonstrated an […]

The post New Windows 11 Vulnerability Lets Attackers Elevate Privileges appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

当前，数字化浪潮正席卷全球各行各业，企业的数据资产正以前所未有的速度和规模增长，数据的产生、流转和应用已深度嵌 […]

新闻速览 •山西公安机关破获特大侵犯公民个人信息案 •前实习生篡改代码攻击大模型训练，字节跳动起诉要求索赔80 […]