Aggregator
CVE-2024-10536 | FancyPost Plugin up to 6.0.0 on WordPress Shortcode authorization
1 year 6 months ago
A vulnerability was found in FancyPost Plugin up to 6.0.0 on WordPress and classified as critical. Affected by this issue is some unknown functionality of the component Shortcode Handler. The manipulation leads to missing authorization.
This vulnerability is handled as CVE-2024-10536. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-12470 | School Management System Plugin up to 1.0.8 on WordPress privileges assignment
1 year 6 months ago
A vulnerability was found in School Management System Plugin up to 1.0.8 on WordPress. It has been classified as critical. This affects an unknown part. The manipulation leads to incorrect privilege assignment.
This vulnerability is uniquely identified as CVE-2024-12470. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-12264 | payuplugin PayU CommercePro Plugin up to 3.8.3 on WordPress REST API Endpoint generate-user-token improper authentication
1 year 6 months ago
A vulnerability classified as critical was found in payuplugin PayU CommercePro Plugin up to 3.8.3 on WordPress. This vulnerability affects unknown code of the file /wp-json/payu/v1/generate-user-token of the component REST API Endpoint. The manipulation leads to improper authentication.
This vulnerability was named CVE-2024-12264. The attack can be initiated remotely. There is no exploit available.
vuldb.com
长亭科技语义分析3.0&“雷池30”新版重磅发布
1 year 6 months ago
长亭科技语义分析3.0暨雷池30巡回发布会首站在北京举行
摇滚黑客2025演唱会门票售罄!
1 year 6 months ago
2025年1月11日,20:00,北京·福浪LIVEHOUSE,等你来!
长亭科技语义分析3.0&“雷池30”新版重磅发布
1 year 6 months ago
1月7日,长亭科技语义分析3.0暨雷池30巡回发布会首站在北京举行。发布会上展示了长亭语义分析技术的最新成果、雷池(SafeLine)全新升级30版本以及WAF的最佳实践,体现了长亭在网络安全与人工智
摇滚黑客2025演唱会门票售罄!
1 year 6 months ago
2025年1月11日20:00北京·福浪LIVEHOUSE我们不见不散END✦推荐阅读✦粉丝福利群开放啦加安全419好友进群红包/书籍/礼品等不定期派送
乌普萨拉大学 | 使用协议状态模糊测试分析DTLS实现
1 year 6 months ago
本文通过扩展TLS-Attacker框架开发了支持DTLS的测试平台,并利用协议状态模糊测试技术分析了13种DTLS实现。
乌普萨拉大学 | 使用协议状态模糊测试分析DTLS实现
1 year 6 months ago
原文标题:Analysis of DTLS Implementations Using Protocol State Fuzzing原文作者:Paul Fiterau-Brostean, Bengt
梦中情坞!华硕推出内置RTX 5090的扩展坞 提供5GbE网口以及连接2台显示器
1 year 6 months ago
#硬件设备 华硕推出全球首款基于 Thunderbolt 5 外接显卡 eGPU + 扩展坞,内置 RTX 5090 移动版,售价 2199.99 美元。这款扩展坞内置 350W 电源
记一次GPU服务器挖矿事件应急响应
1 year 6 months ago
过年前来了这么个事,简单记录下
V8 字节码反编译 还原bytenode保护的js代码
1 year 6 months ago
白帽酱
CVE-2024-11627 | Progress Sitefinity up to 14.4.8142/15.0.8229/15.1.8327/15.2.8421 session expiration
1 year 6 months ago
A vulnerability has been found in Progress Sitefinity up to 14.4.8142/15.0.8229/15.1.8327/15.2.8421 and classified as critical. This vulnerability affects unknown code. The manipulation leads to session expiration.
This vulnerability was named CVE-2024-11627. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-11625 | Progress Software Sitefinity up to 14.4.8142/15.0.8229/15.1.8327/15.2.8421 information exposure
1 year 6 months ago
A vulnerability, which was classified as critical, was found in Progress Software Sitefinity up to 14.4.8142/15.0.8229/15.1.8327/15.2.8421. This affects an unknown part. The manipulation leads to information exposure through error message.
This vulnerability is uniquely identified as CVE-2024-11625. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
社区速递 076 | 你没见过的社区文章、一周最热评、派友的年度应用
1 year 6 months ago
社区速递 076 | 你没见过的社区文章、一周最热评、派友的年度应用除了首页时间流和侧栏的精选展位,少数派 Matrix 社区还有很多优秀内容因条件所限无法得到有效曝光,因此我们决定重启 Matrix
V8 字节码反编译 还原bytenode保护的js代码
1 year 6 months ago
某年某日的一天,我看到某IM应用发布了一个全新的桌面客户端开始了公测我马上就下载来试用了一番,发现它使用了electron重构了PC客户端。用electron重写?逆起来应该很
攻击面管理安全案例研究 | 城商行统一安全管理平台运营
1 year 6 months ago
攻击面管理安全案例研究 | 城商行统一安全管理平台运营 日期:2025年01月07日 阅:72
攻击面管理安全案例研究 | 城商行统一安全管理平台运营
1 year 6 months ago
本案例正式收录于《攻击面管理技术应用指南(2024版)》,项目由绿盟科技集团股份有限公司实施,并提供案例研究支 […]
aqniu
外交部:美方炒作“中国黑客攻击”并发起制裁,中方坚决反对;国家网络安全通报中心:发现一批境外恶意网址和恶意IP | 牛览
1 year 6 months ago
外交部:美方炒作“中国黑客攻击”并发起制裁,中方坚决反对;国家网络安全通报中心:发现一批境外恶意网址和恶意IP | 牛览 日期:2025年01月0