Думаете, ваши голосовые в WhatsApp защищены? Вот список расширений, которые перехватывают аудио перед отправкой
148 тысяч установок под видом CRM для бизнеса.
Aggregator
OpenClaw Chain Vulnerabilities Expose 245,000 Public AI Agent Servers to Attack
1 month 1 week ago
A chain of four critical vulnerabilities discovered in OpenClaw, one of the fastest-growing open-source platforms for autonomous AI agents, has left an estimated 245,000 publicly accessible server instances exposed to remote exploitation, credential theft, and persistent backdoor installation. Originally launched as “Clawdbot” in late 2025, OpenClaw connects large language models directly to filesystems, SaaS applications, […]
The post OpenClaw Chain Vulnerabilities Expose 245,000 Public AI Agent Servers to Attack appeared first on Cyber Security News.
Guru Baran
CVE-2017-3315 | Oracle PeopleSoft 9.2 HCM ePerformance information disclosure (BID-95510 / ID 1037634)
1 month 1 week ago
A vulnerability classified as critical has been found in Oracle PeopleSoft 9.2. The impacted element is an unknown function of the component HCM ePerformance. Performing a manipulation results in information disclosure.
This vulnerability is cataloged as CVE-2017-3315. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2017-3324 | Oracle Primavera P6 Enterprise Project Portfolio Management Web Access access control (BID-95528)
1 month 1 week ago
A vulnerability described as critical has been identified in Oracle Primavera P6 Enterprise Project Portfolio Management up to 16.2. The impacted element is an unknown function of the component Web Access. Executing a manipulation can lead to improper access controls.
The identification of this vulnerability is CVE-2017-3324. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2017-3316 | Oracle VM VirtualBox up to 5.0.31/5.1.13 GUI input validation (EDB-41196 / Nessus ID 96609)
1 month 1 week ago
A vulnerability identified as critical has been detected in Oracle VM VirtualBox up to 5.0.31/5.1.13. Affected is an unknown function of the component GUI. The manipulation leads to improper input validation.
This vulnerability is traded as CVE-2017-3316. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2017-3317 | Oracle MySQL Server 5.5.53/5.6.34/5.7.16 Logging denial of service (Nessus ID 96732 / ID 175942)
1 month 1 week ago
A vulnerability was found in Oracle MySQL Server 5.5.53/5.6.34/5.7.16. It has been classified as problematic. Affected by this issue is some unknown functionality of the component Logging. The manipulation leads to denial of service.
This vulnerability is listed as CVE-2017-3317. The attack must be carried out locally. There is no available exploit.
Upgrading the affected component is recommended.
vuldb.com
CVE-2017-3318 | Oracle MySQL Server 5.5.53/5.6.34/5.7.16 Error Handling access control (Nessus ID 96732 / ID 175942)
1 month 1 week ago
A vulnerability was found in Oracle MySQL Server 5.5.53/5.6.34/5.7.16. It has been declared as problematic. This affects an unknown part of the component Error Handling. The manipulation results in improper access controls.
This vulnerability is cataloged as CVE-2017-3318. The attack must be initiated from a local position. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2017-3321 | Oracle MySQL Cluster 7.2.19/7.3.8/7.4.5 input validation (Nessus ID 96727 / BID-95562)
1 month 1 week ago
A vulnerability was found in Oracle MySQL Cluster 7.2.19/7.3.8/7.4.5. It has been rated as problematic. This vulnerability affects unknown code of the component Cluster. This manipulation causes improper input validation.
This vulnerability is registered as CVE-2017-3321. Remote exploitation of the attack is possible. No exploit is available.
Upgrading the affected component is advised.
vuldb.com
CVE-2017-3323 | Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 input validation (Nessus ID 96726 / BID-95575)
1 month 1 week ago
A vulnerability categorized as problematic has been discovered in Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12. This issue affects some unknown processing of the component Cluster. Such manipulation leads to improper input validation.
This vulnerability is documented as CVE-2017-3323. The attack can be executed remotely. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2017-3322 | Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12 Cluster NDBAPI denial of service (Nessus ID 96726 / BID-95574)
1 month 1 week ago
A vulnerability identified as problematic has been detected in Oracle MySQL Cluster 7.2.25/7.3.14/7.4.12. Impacted is an unknown function of the component Cluster NDBAPI. Performing a manipulation results in denial of service.
This vulnerability is reported as CVE-2017-3322. The attack is possible to be carried out remotely. No exploit exists.
You should upgrade the affected component.
vuldb.com
CVE-2017-3319 | Oracle MySQL Server up to 5.7.16 X Plugin information disclosure (Nessus ID 96618 / ID 20029)
1 month 1 week ago
A vulnerability labeled as problematic has been found in Oracle MySQL Server up to 5.7.16. The affected element is an unknown function of the component X Plugin. Executing a manipulation can lead to information disclosure.
This vulnerability appears as CVE-2017-3319. The attack may be performed from remote. There is no available exploit.
The affected component should be upgraded.
vuldb.com
CVE-2017-3320 | Oracle MySQL Server up to 5.7.16 Encryption access control (Nessus ID 96618 / ID 20029)
1 month 1 week ago
A vulnerability marked as problematic has been reported in Oracle MySQL Server up to 5.7.16. The impacted element is an unknown function of the component Encryption. The manipulation leads to improper access controls.
This vulnerability is traded as CVE-2017-3320. It is possible to initiate the attack remotely. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com
KRYBIT
1 month 1 week ago
You must login to view this content
cohenido
Shai-Hulud Worm Steals npm, GitHub, AWS, and Kubernetes Secrets From Developers
1 month 1 week ago
A dangerous new piece of malware called Shai-Hulud has emerged as one of the most alarming supply chain threats of 2026. It is a self-propagating worm that quietly tunnels through developer environments, stealing credentials from npm, GitHub, AWS, and Kubernetes all at once. Hundreds of malicious packages have already been tied to this campaign, making […]
The post Shai-Hulud Worm Steals npm, GitHub, AWS, and Kubernetes Secrets From Developers appeared first on Cyber Security News.
Tushar Subhra Dutta
英国对 MS Office 涉嫌垄断展开调查
1 month 1 week ago
英国竞争市场管理局(CMA)正式启动调查,查明微软将 Windows、Office、Teams、Copilot 及相关产品捆绑销售是否构成不公平竞争。CMA CEO Sarah Cardell 表示,商业软件是英国经济的基石,数十万客户依赖微软的系统。她表示 CMA 的目标是了解市场的发展情况,微软在其中的地位,考虑是否需要采取任何有针对性的措施,以确保英国企业能从选择、创新和具有竞争力的价格中受益。微软捆绑销售办公软件、AI 和云计算的做法将是英国的调查对象。调查预计将于明年 2 月结束。
Debian обязал разработчиков доказывать «чистоту» своего кода
1 month 1 week ago
Система миграции Debian начала автоматически блокировать пакеты, которые не проходят тест воспроизводимости.
CVE-2026-22740 | Vmware Spring Framework up to 5.3.47/6.1.26/6.2.17/7.0.6 Multipart Request resource consumption (Nessus ID 314917 / WID-SEC-2026-1177)
1 month 1 week ago
A vulnerability, which was classified as problematic, was found in Vmware Spring Framework up to 5.3.47/6.1.26/6.2.17/7.0.6. The affected element is an unknown function of the component Multipart Request Handler. Executing a manipulation can lead to resource consumption.
The identification of this vulnerability is CVE-2026-22740. The attack may be launched remotely. There is no exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2026-22741 | Vmware Spring Framework up to 5.3.47/6.1.26/6.2.17/7.0.6 MVC/WebFlux cache containing sensitive information (EUVD-2026-26206 / Nessus ID 314917)
1 month 1 week ago
A vulnerability marked as problematic has been reported in Vmware Spring Framework up to 5.3.47/6.1.26/6.2.17/7.0.6. This issue affects some unknown processing of the component MVC/WebFlux. This manipulation causes use of cache containing sensitive information.
This vulnerability appears as CVE-2026-22741. The attack may be initiated remotely. There is no available exploit.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-22745 | Vmware Spring Framework up to 5.3.47/6.1.26/6.2.17/7.0.6 on Windows MVC/WebFlux resource consumption (EUVD-2026-26207 / Nessus ID 314917)
1 month 1 week ago
A vulnerability described as problematic has been identified in Vmware Spring Framework up to 5.3.47/6.1.26/6.2.17/7.0.6 on Windows. Impacted is an unknown function of the component MVC/WebFlux. Such manipulation leads to resource consumption.
This vulnerability is traded as CVE-2026-22745. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-44573 | vercel next.js up to 15.5.15/16.2.4 /_next/data/.json authorization (Nessus ID 314910 / WID-SEC-2026-1401)
1 month 1 week ago
A vulnerability was found in vercel next.js up to 15.5.15/16.2.4 and classified as problematic. Impacted is an unknown function of the file /_next/data/.json. The manipulation results in incorrect authorization.
This vulnerability is cataloged as CVE-2026-44573. The attack may be launched remotely. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com