Aggregator

A vulnerability, which was classified as problematic, was found in LBL tcpdump 3.4. This affects the function ip_print of the component Packet Handler. The manipulation leads to infinite loop. This vulnerability is uniquely identified as CVE-1999-1024. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

“提示注入”持续作为首要风险，“敏感信息泄露”风险显著上升，“供应链安全“风险日益突出，”系统提示泄露“和&# […]

天文学家使用凌日法发现了一颗年龄仅 300 万岁的行星—TIDYE-1b（又名 IRAS 04125+2902 b）。相较之下地球已有 45 亿岁。如此年轻的行星为科学家提供了研究早期行星的形成环境，并重新检视现有的行星诞生模型。在此之前，天文学家已藉由凌日法发现了十多颗年龄在 1000 万至 4000 万年间的年轻行星，但 TIDYE-1b 的发现则刷新了这一项纪录。TIDYE-1b 的轨道非常接近其母恒星，每 9 天就完成一次公转。研究人员认为，这颗行星是尚未成熟的「超级地球」或「次海王星」的早期版本，这类行星在太阳系中并不存在，但在银河系中却十分常见，TIDYE-1b 的密度低于地球，但直径是地球的 11 倍。这一发现显示行星的形成可能比此前认为的更早，并不是因为它们不存在，而是因为它们通常隐藏在原行星盘中，难以观测。

Эксперты прогнозируют автоматизацию атак.

The Russian RomCom group exploited Firefox and Tor Browser zero-day vulnerabilities in attacks on users in Europe and North America. Russian-based cybercrime group RomCom (aka UAT-5647, Storm-0978, Tropical Scorpius, UAC-0180, UNC2596) exploited two Firefox and Tor Browser zero-day vulnerabilities in recent attacks on users across Europe and North America. The first zero-day exploited by the Russian group, is a use-after-free […]

Исследователи нашли первый в истории реактор в недрах Окло.

A vulnerability, which was classified as critical, has been found in Creloaded CRE Loaded 6.2. Affected by this issue is some unknown functionality of the file product_info.php. The manipulation of the argument products_id leads to sql injection. This vulnerability is handled as CVE-2009-1403. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Pastel CMS 0.8.0. This affects an unknown part of the file admin.php. The manipulation of the argument (Username) leads to sql injection. This vulnerability is uniquely identified as CVE-2009-1404. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in e107 CMS up to 0.7.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file usersettings.php. The manipulation of the argument hide leads to sql injection. This vulnerability is handled as CVE-2009-1409. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Rens Rikkerink FunGamez and classified as critical. Affected by this vulnerability is an unknown functionality of the component Login. The manipulation of the argument username leads to sql injection. This vulnerability is known as CVE-2009-1487. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Rens Rikkerink FunGamez and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument module leads to path traversal. This vulnerability is handled as CVE-2009-1488. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Rens Rikkerink Fungamez. It has been classified as critical. This affects an unknown part. The manipulation of the argument cookie leads to improper authentication. This vulnerability is uniquely identified as CVE-2009-1489. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in CoolPlayer 2.19.1. It has been classified as very critical. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2009-1437. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Home Blog Podcast Vulns About Us Contact

Magento websites are a frequent target for cybercriminals due to their widespread usage in eCommerc

Новые атаки обнажают слабости VPN-подключений.

A vulnerability classified as critical was found in Neocrome Seditio 1.0. This vulnerability affects unknown code of the file events/inc/events.inc.php. The manipulation of the argument c leads to sql injection. This vulnerability was named CVE-2009-1411. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Studiolounge Address Book 2.5. This affects an unknown part of the file upload-file.php of the component Address Book. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2009-1483. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in e-cart Free Shopping Cart. It has been classified as critical. This affects an unknown part. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2009-1447. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Microsoft Windows XP. This affects an unknown part. The manipulation leads to improper resource management. This vulnerability is uniquely identified as CVE-2009-1511. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.