倒计时11天!2024补天杯破解大赛150W奖金池,先到先得!
大赛报名:https://pwn.butian.net/
Aggregator
JVN: 複数のHitachi Energy製品における複数の脆弱性
9 months 2 weeks ago
Hitachi Energyが提供する複数の製品には、複数の脆弱性が存在します。
CVE-2024-36467 | Zabbix up to 5.0.42/6.0.32/6.4.17/7.0.1rc1 API Endpoint improper authorization
9 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Zabbix up to 5.0.42/6.0.32/6.4.17/7.0.1rc1. This affects an unknown part of the component API Endpoint. The manipulation leads to improper authorization.
This vulnerability is uniquely identified as CVE-2024-36467. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-11009 | Internal Linking for SEO Traffic & Ranking Plugin up to 1.2.1 on WordPress post_id sql injection
9 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Internal Linking for SEO Traffic & Ranking Plugin up to 1.2.1 on WordPress. Affected by this issue is the function post_id. The manipulation leads to sql injection.
This vulnerability is handled as CVE-2024-11009. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-10521 | Cimatti Contact Forms Plugin up to 1.9.2 on WordPress process_bulk_action cross-site request forgery
9 months 2 weeks ago
A vulnerability classified as problematic was found in Cimatti Contact Forms Plugin up to 1.9.2 on WordPress. Affected by this vulnerability is the function process_bulk_action. The manipulation leads to cross-site request forgery.
This vulnerability is known as CVE-2024-10521. The attack can be launched remotely. There is no exploit available.
vuldb.com
澳大利亚众议院通过禁止儿童使用社媒法案
9 months 2 weeks ago
澳大利亚众议院周三以 102 票对 13 通过了禁止 16 岁以下儿童使用社媒的法案。澳主要政党都支持该法案,
如果 TikTok、Facebook、Snapchat、Reddit、X 和 Instagram 等社媒平台因未能系统性阻止儿童持有账户,它们将面临最高 5000 万澳元的罚款。如果该法案本周成为法律,社媒平台有一年时间研究如何实施年龄限制。为加强隐私保护,社媒平台不得强迫用户提供政府签发的身份证明文件如护照或驾照,平台也不能要求通过一个政府系统进行数字身份识别。澳参议院将在周三晚些时候讨论该法案,主要政党的支持基本上确保了该法案将会在参议院获得通过。
CVE-2023-6604 | FFmpeg HLS XBIN Demuxer resource consumption
9 months 2 weeks ago
A vulnerability classified as problematic has been found in FFmpeg. Affected is an unknown function of the component HLS XBIN Demuxer. The manipulation leads to resource consumption.
This vulnerability is traded as CVE-2023-6604. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2023-6603 | FFmpeg HLS EXT-X-MAP null pointer dereference
9 months 2 weeks ago
A vulnerability was found in FFmpeg. It has been rated as problematic. This issue affects some unknown processing of the component HLS EXT-X-MAP. The manipulation leads to null pointer dereference.
The identification of this vulnerability is CVE-2023-6603. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2023-6602 | FFmpeg HLS Playlist encoding error
9 months 2 weeks ago
A vulnerability was found in FFmpeg. It has been declared as problematic. This vulnerability affects unknown code of the component HLS Playlist Handler. The manipulation leads to encoding error.
This vulnerability was named CVE-2023-6602. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2023-6601 | FFmpeg HLS Remote Code Execution
9 months 2 weeks ago
A vulnerability was found in FFmpeg. It has been classified as critical. This affects an unknown part of the component HLS. The manipulation leads to Remote Code Execution.
This vulnerability is uniquely identified as CVE-2023-6601. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
Tuning DBMS: The Secret Life of Queries and Runtime Data
9 months 2 weeks ago
Authors:(1) Limeng Zhang, Centre for Research on Engineering Software Technologies (CREST), The Un
How to Tune Your Database Management System for Peak Performance
9 months 2 weeks ago
Authors:(1) Limeng Zhang, Centre for Research on Engineering Software Technologies (CREST), The Un
Key Tuning Objectives in DBMS Configuration: Performance, Overhead, Adaptivity, and Safety
9 months 2 weeks ago
Authors:(1) Limeng Zhang, Centre for Research on Engineering Software Technologies (CREST), The Un
The Key to Solving DBMS Tuning Problems
9 months 2 weeks ago
Authors:(1) Limeng Zhang, Centre for Research on Engineering Software Technologies (CREST), The Un
Automatic Configuration Tuning on Cloud Database: A Survey
9 months 2 weeks ago
Authors:(1) Limeng Zhang, Centre for Research on Engineering Software Technologies (CREST), The Un
CVE-2024-5921 | Palo Alto Networks GlobalProtect App up to 6.2.5/6.3 Root Certificate certificate validation
9 months 2 weeks ago
A vulnerability was found in Palo Alto Networks GlobalProtect App up to 6.2.5/6.3 and classified as problematic. Affected by this issue is some unknown functionality of the component Root Certificate Handler. The manipulation leads to improper certificate validation.
This vulnerability is handled as CVE-2024-5921. The attack can only be initiated within the local network. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
New NachoVPN attack uses rogue VPN servers to install malicious updates
9 months 2 weeks ago
A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious upd
Безопасность превыше всего: ТЭК и госсектор могут отказаться от Android
9 months 2 weeks ago
АРПП предлагает критерии доверенности для AOSP в российских госструктурах.
CVE-2024-53676 | HPE Insight Remote Support prior 7.14.0.629 path traversal
9 months 2 weeks ago
A vulnerability has been found in HPE Insight Remote Support and classified as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to path traversal.
This vulnerability is known as CVE-2024-53676. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
MySQL 删除大体积数据表文件的两种方法
9 months 2 weeks ago
日常业务数据库服务器数据激增导致磁盘空间不足,无法恢复业务,下面将介绍如何删除大的数据表文件,以 telescope_entries 表为例,当可以启动 MySQL 服务时,如何删除,...
黑海洋