Aggregator

CVE-2025-2713 | Google gVisor 2018-08-22/2018-08-23/2018-11-01/20241028.0 runsc privileges management (EUVD-2025-8644)

Vuldb Updates
6 months ago
A vulnerability was found in Google gVisor 2018-08-22/2018-08-23/2018-11-01/20241028.0 and classified as critical. This issue affects some unknown processing of the component runsc. The manipulation leads to improper privilege management. The identification of this vulnerability is CVE-2025-2713. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2023-1965 | GitLab Enterprise Edition URL RelayState information disclosure (Issue 406235 / EUVD-2023-24151)

Vuldb Updates
6 months ago
A vulnerability, which was classified as problematic, has been found in GitLab Enterprise Edition. This issue affects some unknown processing of the component URL Handler. The manipulation of the argument RelayState leads to information disclosure. The identification of this vulnerability is CVE-2023-1965. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

性逆转在鸟类中间很常见

Solidot
6 months ago
部分鸟类的雌雄之间有着显著的外形区别,比如公鸡母鸡,雄孔雀和天堂鸟。但还有很多鸟类雌雄之间几乎没有区别,以至于科学家可能需要测试 DNA 才能区分雄性和雌性。但测试 DNA 也不可靠,根据发表在《Biology Letters》期刊上的一项研究,原因是性逆转在鸟类中间很常见,因此性腺和染色体并不一致。在人类中,女性通常携带 XX 染色体,男性为 XY 染色体。但决定性别的不是性染色体本身而是上面的基因。Y 染色体上的 SRY 基因决定了哺乳动物发育成雄性,如果缺乏该基因,那么携带 XY 染色体的人也会发育成女性。对五种澳大利亚常见鸟类澳洲喜鹊、笑翠鸟、凤头鸽、彩虹吸蜜鹦鹉和鳞胸吸蜜鹦鹉的研究发现,其性转比例在 3% 到 6% 之间,性逆转的鸟类大部分在遗传学上都是雌性但拥有雄性的生殖器官,小部分在遗传学上是雄性但拥有卵巢。但什么导致了鸟类的性逆转,研究人员表示还需要展开更多研究。

CVE-2023-1945 | Mozilla Thunderbird up to 102.9 Safe Browsing API memory corruption (Bug 1777588 / EUVD-2023-24131)

Vuldb Updates
6 months ago
A vulnerability classified as critical has been found in Mozilla Thunderbird up to 102.9. This affects an unknown part of the component Safe Browsing API. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2023-1945. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2003-0494 | Snitz Forums 2000 up to 3.4.03 Password Reset password.asp member_id privileges management (Nessus ID 11597 / ID 11359)

Vuldb Updates
6 months ago
A vulnerability classified as critical was found in Snitz Forums 2000 up to 3.4.03. This vulnerability affects unknown code of the file password.asp of the component Password Reset. The manipulation of the argument member_id leads to improper privilege management. This vulnerability was named CVE-2003-0494. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Why more transparency around cyber attacks is a good thing for everyone

NCSC Feed
6 months ago
Eleanor Fairford, Deputy Director of Incident Management at the NCSC, and Mihaela Jembei, Director of Regulatory Cyber at the Information Commissioner’s Office (ICO), reflect on why it’s so concerning when cyber attacks go unreported – and look at some of the misconceptions about how organisations respond to them.

CVE-2025-53744 | Fortinet FortiOS up to 6.4.16/7.0.17/7.2.11/7.4.7/7.6.2 privileges assignment (FG-IR-25-173 / WID-SEC-2025-1806)

Vuldb Updates
6 months ago
A vulnerability classified as critical was found in Fortinet FortiOS up to 6.4.16/7.0.17/7.2.11/7.4.7/7.6.2. Affected by this vulnerability is an unknown functionality. The manipulation leads to incorrect privilege assignment. This vulnerability is known as CVE-2025-53744. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

专家解读 | 健全完善扫码点餐个人信息保护制度——兼谈《网络安全标准实践指南——扫码点餐个人信息保护要求(征求意见稿)》

中国信息安全
6 months ago
信息化时代,个人信息保护已成为公众最关心最直接最现实的利益问题之一,以《中华人民共和国个人信息保护法》为核心的顶层设计,为保护个人信息权益,规范个人信息处理活动,促进个人信息合理利用提供了基础性法律遵循。

Managed ad