Aggregator
CVE-2015-5745 | QEMU up to 2.3.x Virtio Control Message virtio-serial-bus.c send_control_msg buffer overflow (ID 168944)
1 year 9 months ago
A vulnerability was found in QEMU up to 2.3.x. It has been rated as critical. This issue affects the function send_control_msg of the file hw/char/virtio-serial-bus.c of the component Virtio Control Message Handler. The manipulation leads to buffer overflow.
The identification of this vulnerability is CVE-2015-5745. The attack may be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2015-5239 | Fabrice Bellard QEMU up to 2.0.x CLIENT_CUT_TEXT Message infinite loop (USN-2745-1 / ID 168944)
1 year 9 months ago
A vulnerability classified as critical was found in Fabrice Bellard QEMU up to 2.0.x. Affected by this vulnerability is an unknown functionality of the component CLIENT_CUT_TEXT Message Handler. The manipulation leads to infinite loop.
This vulnerability is known as CVE-2015-5239. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2007-4603 | ACG News printable.php aid sql injection (EDB-4330 / XFDB-36293)
1 year 9 months ago
A vulnerability classified as critical has been found in ACG News. Affected is an unknown function of the file printable.php. The manipulation of the argument aid leads to sql injection.
This vulnerability is traded as CVE-2007-4603. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
[Control systems] CISA ICS security advisories (AV24-549)
1 year 9 months ago
Canadian Centre for Cyber Security
CVE-2015-5545 | Adobe Flash Player 11.2.202.491/18.0.0.209 memory corruption (APSB15-19 / EDB-37867)
1 year 9 months ago
A vulnerability has been found in Adobe Flash Player 11.2.202.491/18.0.0.209 and classified as very critical. This vulnerability affects unknown code. The manipulation leads to memory corruption.
This vulnerability was named CVE-2015-5545. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Rackspace monitoring data stolen in ScienceLogic zero-day attack
1 year 9 months ago
Cloud hosting provider Rackspace suffered a data breach exposing "limited" customer monitoring data after threat actors exploited a zero-day vulnerability in a third-party tool used by the ScienceLogic SL1 platform. [...]
Bill Toulas
Stormous
1 year 9 months ago
cohenido
USENIX NSDI ’24 – BBQ: A Fast and Scalable Integer Priority Queue for Hardware Packet Scheduling
1 year 9 months ago
Authors/Presenters:Nirav Atre, Hugo Sadok, Justine Sherry
Our sincere thanks to USENIX, and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI '24) content, placing the organizations enduring commitment to Open Access front and center. Originating from the conference’s events situated at the Hyatt Regency Santa Clara; and via the organizations YouTube channel.
The post USENIX NSDI ’24 – BBQ: A Fast and Scalable Integer Priority Queue for Hardware Packet Scheduling appeared first on Security Boulevard.
Marc Handelman
Лазеры из звука: физики перевернули привычное представление о технологиях
1 year 9 months ago
Прорыв в физике позволяет создавать мощные звуковые лучи с помощью фононов.
Annuncio di scoperta astronomica oggi alle 14 ora dell’Europa centrale. Niente panico
1 year 9 months ago
2024/10/01 Annuncio di scoperta astronomica oggi alle 14 ora dell’Europa
CVE-2024-46866 | Linux Kernel up to 6.10.10 show_meminfo assertion (abc8feacacf8/94c4aa266111)
1 year 9 months ago
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.10.10. Affected by this issue is the function show_meminfo. The manipulation leads to reachable assertion.
This vulnerability is handled as CVE-2024-46866. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-46867 | Linux Kernel up to 6.10.10 show_meminfo deadlock (9d3de463e23b/9bd7ff293fc8)
1 year 9 months ago
A vulnerability was found in Linux Kernel up to 6.10.10. It has been classified as critical. Affected is the function show_meminfo. The manipulation leads to deadlock.
This vulnerability is traded as CVE-2024-46867. The attack needs to be approached within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-46868 | Linux Kernel up to 6.10.10 uefisecapp qcuefi_acquire deadlock (8c6a5a1fc02a/db213b0cfe32)
1 year 9 months ago
A vulnerability was found in Linux Kernel up to 6.10.10. It has been rated as critical. This issue affects the function qcuefi_acquire of the component uefisecapp. The manipulation leads to deadlock.
The identification of this vulnerability is CVE-2024-46868. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-8353 | GiveWP Plugin up to 3.16.1 on WordPress code injection
1 year 9 months ago
A vulnerability, which was classified as critical, was found in GiveWP Plugin up to 3.16.1 on WordPress. Affected is an unknown function. The manipulation leads to code injection.
This vulnerability is traded as CVE-2024-8353. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-9297 | SourceCodester Online Railway Reservation System 1.0 /admin/ page improper authorization
1 year 9 months ago
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument page with the input trains/schedules/system_info leads to improper authorization.
This vulnerability is known as CVE-2024-9297. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-9298 | SourceCodester Online Railway Reservation System 1.0 Ticket /?page=tickets id access control
1 year 9 months ago
A vulnerability was found in SourceCodester Online Railway Reservation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /?page=tickets of the component Ticket Handler. The manipulation of the argument id leads to improper access controls.
This vulnerability is handled as CVE-2024-9298. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-9300 | SourceCodester Online Railway Reservation System 1.0 Message Us Form contact_us.php fullname/email/message cross site scripting
1 year 9 months ago
A vulnerability classified as problematic was found in SourceCodester Online Railway Reservation System 1.0. This vulnerability affects unknown code of the file contact_us.php of the component Message Us Form. The manipulation of the argument fullname/email/message leads to cross site scripting.
This vulnerability was named CVE-2024-9300. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2014-7310 | Ali Visual 1 X.509 Certificate cryptographic issues (VU#582497)
1 year 9 months ago
A vulnerability classified as critical has been found in Ali Visual 1. This affects an unknown part of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues.
This vulnerability is uniquely identified as CVE-2014-7310. Access to the local network is required for this attack to succeed. There is no exploit available.
vuldb.com
Жаркие объятия Солнца: миссия Parker Solar Probe подходит к кульминации
1 year 9 months ago
Спустя 6 лет космических скитаний зонд готов к самому опасному маневру.