Aggregator

CVE-2026-6133 | Tenda F451 1.0.0.7_cn_svn7958 /goform/SafeUrlFilter fromSafeUrlFilter page stack-based overflow

VulDB Recent Entries
2 weeks 3 days ago
A vulnerability labeled as critical has been found in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulation of the argument page leads to stack-based buffer overflow. This vulnerability is documented as CVE-2026-6133. The attack can be executed remotely. Additionally, an exploit exists.
vuldb.com

CVE-2026-6132 | Totolink A7100RU 7.4cu.2313_b20191024 CGI /cgi-bin/cstecgi.cgi setLedCfg enable os command injection

VulDB Recent Entries
2 weeks 3 days ago
A vulnerability identified as critical has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. This vulnerability is registered as CVE-2026-6132. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com

CVE-2026-6131 | Totolink A7100RU 7.4cu.2313_b20191024 CGI /cgi-bin/cstecgi.cgi setTracerouteCfg command os command injection

VulDB Recent Entries
2 weeks 3 days ago
A vulnerability categorized as critical has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument command results in os command injection. This vulnerability is cataloged as CVE-2026-6131. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2026-31413 | Linux Kernel up to 6.12.79/6.18.20/6.19.10/7.0-rc1/7.0-rc4 bpf maybe_fork_scalars runtime out-of-bounds (EUVD-2026-21717)

VulDB Recent Entries
2 weeks 3 days ago
A vulnerability was found in Linux Kernel up to 6.12.79/6.18.20/6.19.10/7.0-rc1/7.0-rc4. It has been rated as critical. Affected is the function maybe_fork_scalars of the component bpf. The manipulation of the argument runtime leads to out-of-bounds read. This vulnerability is listed as CVE-2026-31413. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is advised.
vuldb.com

DDoS Attack Types Explained: Volumetric, Protocol, and Application Layer Attacks

Security Boulevard
2 weeks 3 days ago

Key Takeaways There are three main DDoS attack categories:  Volumetric (Layer 3), Protocol (Layer 4), and application layer (Layer 7) – each with different attack characteristics Each category requires a different mitigation approach, though the mitigation of layer 3/4 attacks is the same in majority of cases Application layer (L7) attacks are the hardest to […]

The post DDoS Attack Types Explained: Volumetric, Protocol, and Application Layer Attacks appeared first on Security Boulevard.

Israel Solomon

反腐如何影响餐饮业

Solidot
2 weeks 3 days ago
2012 年党中央发布了限制铺张浪费的八项规定(全称“十八届中央政治局关于改进工作作风、密切联系群众的八项规定”),为经济学家提供了罕见的机会观察反腐如何影响餐饮业的选址和整体经济格局。研究人员利用大众点评的数据,分析了 2010-2014 年间数十万条顾客评论和消费报告,记录了 120 个政府机关的地址,观察附近数万家餐厅的情况。结果显示,八项规定实施后,政府机关附近餐厅的生意立即下滑。顾客到访量下降 5.5%,人均消费下降 2.7%。这相当于北京餐厅每年损失约 4 亿美元的销售额。高档餐厅受到的冲击最大。到 2016 年,北京餐饮业的整体格局发生了改变。在整顿前,高档餐饮大多集中在政治权力中心附近,之后高档餐厅逐渐分散到普通商业区和居民区。这表明政治权力的地理分布直接改变地方经济格局。它以正常市场力量无法解释的方式将财富和资源聚集在一起。研究表明,政治权力会影响企业选址。研究还揭示了反腐的隐性成本,其经济影响远超预期目标。

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

The Hackers News
2 weeks 3 days ago
Unknown threat actors compromised CPUID ("cpuid[.]com"), a website that hosts popular hardware monitoring tools like CPU-Z, HWMonitor, HWMonitor Pro, and PerfMonitor, for less than 24 hours to serve malicious executables for the software and deploy a remote access trojan called STX RAT. The incident lasted from approximately April 9, 15:00 UTC, to about April 10, 10:00 UTC, with
The Hacker News

Managed ad