Aggregator

A vulnerability was found in tsMuxer nightly-2024-05-10-02-00-45. It has been declared as critical. This vulnerability affects unknown code of the component MKV Video File Handler. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2024-41217. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in tsMuxer nightly-2024-05-12-02-01-18. It has been classified as critical. This affects an unknown part of the component MOV Video File Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-52613. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in GeekRMX Twitter Anywhere Plus Plugin up to 2.0 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-51659. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in GentleSource Appointmind Plugin up to 4.0.0 on WordPress. Affected is an unknown function. The manipulation leads to cross-site request forgery. This vulnerability is traded as CVE-2024-51679. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in Henrik Hoff WP Course Manager Plugin up to 1.3 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2024-51658. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Ciprian Popescu W3P SEO Plugin up to 1.8.5 on WordPress. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-51684. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in 07FLY FlyCMS 1.3.9. This vulnerability affects unknown code of the file /admin/SysNotifyUser/del.html?id=93. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-51156. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in FraudLabs Pro SMS Verification Plugin up to 1.10.1 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-51688. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in tsMuxer nightly-2024-04-05-01-53-02. This affects an unknown part of the component TS Video File Handler. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2024-49776. It is possible to initiate the attack remotely. There is no exploit available.

Учёные обнаружили уязвимость во всех тестируемых ИИ-роботах.

A vulnerability was found in Google Android 8.0/8.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Autofill Service. The manipulation leads to information disclosure. This vulnerability is known as CVE-2017-13227. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.

想象一下轮子能滚过各种障碍物，甚至能爬楼梯。韩国机械与材料研究所（Korea Institute of Machinery and Materials）的研究人员研发出一种能变形的轮子，可以滚过 1.3 倍于其半径高度的障碍物。它的设计受到了水滴表面张力的启发，遇到障碍物时会从固态变成流体状态。变形轮由外圈链条和一系列通过轮毂的辐条组成。辐条的刚度会根据传感器对地形的反应自动调节。研究人员演示了配备变形轮的原型轮椅，能爬上 18 厘米高的台阶。

A vulnerability was found in Binance BTC, Crypto and NFTS 2.85.4. It has been classified as critical. Affected is an unknown function of the component Fingerprint Authentication. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2024-31695. The attack needs to be done within the local network. There is no exploit available.

Digital lending has emerged as a game-changer, reshaping the borrowing experience with unprecedented speed, convenience, and accessibility. Gone are the days of endless paperwork and prolonged waiting times—now, individuals can secure loans within minutes from the comfort of their homes. However, as financial transactions shift to digital platforms, the importance of adhering to compliance standards […]

The post What is Digital Lending Application (DLA) Audit? appeared first on Kratikal Blogs.

The post What is Digital Lending Application (DLA) Audit? appeared first on Security Boulevard.

A vulnerability was found in tsMuxer nightly-2024-03-14-01-51-12 and classified as critical. This issue affects some unknown processing of the component TS Video File Handler. The manipulation leads to stack-based buffer overflow. The identification of this vulnerability is CVE-2024-41206. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in tsMuxer nightly-2024-03-14-01-51-12 and classified as critical. This vulnerability affects unknown code of the component MOV Video File Handler. The manipulation leads to heap-based buffer overflow. This vulnerability was named CVE-2024-41209. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in tsMuxer nightly-2024-05-12-02-01-18. This affects an unknown part of the component MOV Video File Handler. The manipulation leads to heap-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-49778. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in unclebob FitNesse 20220319. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-39610. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Virtuozzo Hybrid Server 1.7.1. Affected by this vulnerability is an unknown functionality. The manipulation of the argument hostname leads to cross site scripting. This vulnerability is known as CVE-2024-40579. The attack can be launched remotely. There is no exploit available.

《规定》 旨在规范关键信息基础设施商用密码的使用，确保其安全性和有效性。