Aggregator

G.O.S.S.I.P 专栏2024年10月投稿指南

A vulnerability classified as critical was found in Oracle Java SE 7u241/8u231/11.0.5/13.0.1. This vulnerability affects unknown code of the component Security. The manipulation leads to information disclosure. This vulnerability was named CVE-2020-2601. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in runc up to 1.0.0-rc94. This issue affects some unknown processing of the component Configuration Handler. The manipulation leads to pathname traversal. The identification of this vulnerability is CVE-2021-30465. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Mozilla Thunderbird up to 78.6. Affected is an unknown function of the component STARTTLS Handler. The manipulation leads to missing encryption of sensitive data. This vulnerability is traded as CVE-2020-15685. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Java SE 7u241/8u231/11.0.5/13.0.1. It has been classified as problematic. This affects an unknown part of the component Security. The manipulation leads to an unknown weakness. This vulnerability is uniquely identified as CVE-2020-2590. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

2024年9月，中央网信办举报中心指导全国各级网信举报工作部门、主要网站平台受理网民举报色情、赌博、侵权、谣言等违法和不良信息1810.6万件，环比下降8.7%、同比下降3.3%。

一图读懂《关于加快公共数据资源开发利用的意见》。

随着数字化转型的不断深入，习近平总书记多次对数据资源发展提出重要指示，强调要“促进数据高效流通使用，赋能实体经济，统筹推进数据产权、流通交易、收益分配、安全治理，加快构建数据基础制度体系”。

近日，外交部公布《中国—东盟关于推动建立可持续和包容性的数字生态合作联合声明》。

近日，国家发展改革委、国家数据局、中央网信办、工业和信息化部、财政部、国家标准委联合印发《国家数据标准体系建设指南》，为数据标准化工作提供了基础指引，旨在充分发挥标准在激活数据要素潜能、做强做优做大数字经济等方面的引领性和规范性作用。

7月19日，美国网络安全公司“众击”更新了终端安全软件的内容配置，导致全球近千万台Windows系统出现蓝屏死机现象，20多个国家的交通等行业受到严重影响。该事件对我国数字化转型和网络安全能力建设具有正反两面的借鉴意义，值得我们深入思考。

分享行业的新趋势、新产品，探索合作新模式、新未来。

加强网络数据安全管理，促进AI、金融、工业和信息化等领域的安全规范。

10月18日，上海五角场凯悦酒店见！

A vulnerability classified as critical has been found in Eclipse OpenJ9 up to 0.20. This affects an unknown part of the file System.arraycopy. The manipulation as part of Return Value leads to type confusion. This vulnerability is uniquely identified as CVE-2019-17639. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Chrome and classified as critical. Affected by this issue is some unknown functionality of the component Security UI. The manipulation leads to authentication bypass by spoofing. This vulnerability is handled as CVE-2020-6536. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Google Chrome and classified as problematic. Affected by this vulnerability is an unknown functionality of the component WebUI. The manipulation as part of HTML Page leads to improper input validation. This vulnerability is known as CVE-2020-6535. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Google Chrome. Affected is an unknown function of the component WebRTC. The manipulation as part of HTML Page leads to out-of-bounds write. This vulnerability is traded as CVE-2020-6534. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Google Chrome. This vulnerability affects unknown code of the component Scroll Handler. The manipulation as part of HTML Page leads to information exposure through discrepancy. This vulnerability was named CVE-2020-6531. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Google Chrome. This affects an unknown part of the component Developer Tools. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2020-6530. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.