Aggregator

A vulnerability was found in taskmatic 1.0. It has been classified as critical. Affected is an unknown function of the file /update-employee.php. The manipulation of the argument admin_id leads to sql injection. This vulnerability is traded as CVE-2024-48813. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Juniper Junos OS Evolved and classified as critical. This issue affects some unknown processing of the component Kernel. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2024-47502. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

The Contrast Security Runtime Security Platform — the engine driving Contrast’s Application Detection and Response (ADR) technology — blocked approximately 55.8K cybersecurity attacks during the month of September 2024. 

The post Prevent Path Traversal Attacks with ADR | Contrast Security appeared first on Security Boulevard.

This post first appeared on blog.netwrix.com and was written by Mark Techa.
Introduction to Network Ports What is a network port? Think of a port as a virtual gateway that a specific service, process, or application on your computer uses for network communication. Each port is assigned a unique number, allowing different types of traffic to be directed to the appropriate software. For example, your email might … Continued

A vulnerability classified as critical has been found in Apple iBooks Author up to 2.4.0. This affects an unknown part. The manipulation leads to xml external entity reference. This vulnerability is uniquely identified as CVE-2016-1789. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Red Hat Linux 2.1. It has been classified as critical. Affected is an unknown function of the component abuse.console. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-1999-1491. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Harvestyourdata droid Survey Offline Forms 2.5.2. Affected by this issue is some unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is handled as CVE-2014-7573. Access to the local network is required for this attack. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Satori go.uuid. Affected by this issue is the function g.rand.Read. The manipulation leads to cryptographically weak prng. This vulnerability is handled as CVE-2021-3538. The attack can only be done within the local network. There is no exploit available.

A vulnerability was found in MLflow up to 2.11.2. It has been classified as problematic. Affected is an unknown function of the component Query String Handler. The manipulation leads to path traversal: '\..\filename'. This vulnerability is traded as CVE-2024-2928. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in MLflow up to 2.11.1. Affected is an unknown function. The manipulation leads to undefined behavior for input to api. This vulnerability is traded as CVE-2024-3099. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Hunk Companion Plugin up to 1.8.4 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the component Plugin Installation Handler. The manipulation leads to missing authorization. The identification of this vulnerability is CVE-2024-9707. The attack may be initiated remotely. There is no exploit available.

活动倒计时三天，冲刺！

Het gebeurt niet dagelijks dat er bij Defensie Gevechtsinsignes worden uitgereikt. Vandaag zelfs 2 keer. Militairen die in juni betrokken waren bij een drugsonderschepping in het Caribisch gebied ontvingen ze. Ze werden tijdens deze counterdrugsoperatie zeker 2 keer geramd door de go-fast van de verdachten. Vanuit zelfverdediging en om de boot te stoppen zagen zij zich genoodzaakt om te vuren.  

A vulnerability classified as critical was found in fallacystudios Stoner's Handbook L- Bud Guide 7.2. Affected by this vulnerability is an unknown functionality of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability is known as CVE-2014-7572. The attack needs to be initiated within the local network. There is no exploit available.

Кибератаки на университеты учащаются каждую неделю. Что делать?

A vulnerability, which was classified as critical, has been found in GutenKit Plugin up to 2.1.0 on WordPress. This issue affects some unknown processing. The manipulation leads to unrestricted upload. The identification of this vulnerability is CVE-2024-9234. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Linkz.ai Plugin up to 1.1.8 on WordPress. It has been declared as problematic. This vulnerability affects unknown code of the component Setting Handler. The manipulation leads to missing authorization. This vulnerability was named CVE-2024-9587. The attack can be initiated remotely. There is no exploit available.