Aggregator
CVE-2024-7591 | Progress LoadMaster up to 7.2.60.0 os command injection
1 year 9 months ago
A vulnerability, which was classified as very critical, has been found in Progress LoadMaster up to 7.2.60.0. This issue affects some unknown processing. The manipulation leads to os command injection.
The identification of this vulnerability is CVE-2024-7591. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-8395 | FlyCASS Cockpit Access Security System/Known Crewmember sql injection
1 year 9 months ago
A vulnerability was found in FlyCASS Cockpit Access Security System and Known Crewmember. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection.
This vulnerability is traded as CVE-2024-8395. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-45040 | Consensys gnark up to 0.10.x information disclosure (GHSA-9xcg-3q8v-7fq6)
1 year 9 months ago
A vulnerability was found in Consensys gnark up to 0.10.x. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to information disclosure.
This vulnerability is known as CVE-2024-45040. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-27114 | Simple Online Planning SO Planning prior 1.52.02 Setting toctou
1 year 9 months ago
A vulnerability was found in Simple Online Planning SO Planning and classified as critical. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to time-of-check time-of-use.
The identification of this vulnerability is CVE-2024-27114. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-8642 | Eclipse EDC Connector up to 0.8.x incorrect implementation of authentication algorithm
1 year 9 months ago
A vulnerability was found in Eclipse EDC Connector up to 0.8.x. It has been classified as problematic. This affects an unknown part. The manipulation leads to incorrect implementation of authentication algorithm.
This vulnerability is uniquely identified as CVE-2024-8642. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2021-22503 | OpenText eDirectory 9.2.3.0000 cross site scripting
1 year 9 months ago
A vulnerability was found in OpenText eDirectory 9.2.3.0000. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2021-22503. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2021-22532 | OpenText eDirectory 9.2.3.0000 NLDAP allocation of resources
1 year 9 months ago
A vulnerability was found in OpenText eDirectory 9.2.3.0000. It has been declared as critical. This vulnerability affects unknown code of the component NLDAP. The manipulation leads to allocation of resources.
This vulnerability was named CVE-2021-22532. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2021-22533 | OpenText eDirectory 9.2.4.0000 log file
1 year 9 months ago
A vulnerability classified as problematic has been found in OpenText eDirectory 9.2.4.0000. Affected is an unknown function. The manipulation leads to sensitive information in log files.
This vulnerability is traded as CVE-2021-22533. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-40865 | Apple visionOS up to 1.2 Virtual Keyboard Privilege Escalation
1 year 9 months ago
A vulnerability was found in Apple visionOS up to 1.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Virtual Keyboard. The manipulation leads to Privilege Escalation.
This vulnerability is known as CVE-2024-40865. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-45039 | Consensys gnark up to 0.11.0 information disclosure (GHSA-q3hw-3gm4-w5cr)
1 year 9 months ago
A vulnerability was found in Consensys gnark up to 0.11.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to information disclosure.
This vulnerability is traded as CVE-2024-45039. The attack needs to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
【情报实战】如何查询黎巴嫩爆炸BP机的台湾生产厂家
1 year 9 months ago
2024年9月17日,黎巴嫩全境多地同时间发生寻呼机爆炸事件,事件引起全球关注。媒体报道,爆炸的寻呼机是台湾企业金太阳生产的。那么这家企业是什么情况?如何查询这家企业的信息呢?
CVE-2024-39921 | Fsas Technologies IPCOM EX2/IPCOM VE2 Encrypted Pages timing discrepancy
1 year 9 months ago
A vulnerability has been found in Fsas Technologies IPCOM EX2 and IPCOM VE2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Encrypted Pages Handler. The manipulation leads to observable timing discrepancy.
This vulnerability is known as CVE-2024-39921. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-41927 | IDEC FC6A MICROSmart All-in-One CPU Module cleartext transmission
1 year 9 months ago
A vulnerability was found in IDEC FC6A MICROSmart All-in-One CPU Module, FC6B MICROSmart All-in-One CPU Module, FC6A MICROSmart Plus CPU Module, FC6B MICROSmart Plus CPU Module, FT1A SmartAXIS Pro and FT1A SmartAXIS Pro Lite. It has been classified as problematic. This affects an unknown part. The manipulation leads to cleartext transmission of sensitive information.
This vulnerability is uniquely identified as CVE-2024-41927. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-20440 | Cisco Smart License Utility 2.0.0/2.1.0/2.2.0 HTTP Request log file (cisco-sa-cslu-7gHMzWmw)
1 year 9 months ago
A vulnerability has been found in Cisco Smart License Utility 2.0.0/2.1.0/2.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler. The manipulation leads to sensitive information in log files.
This vulnerability is known as CVE-2024-20440. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-8417 | 云课网络科技有限公司 Yunke Online School System up to 1.5.5 videobind.html sensitive information in source
1 year 9 months ago
A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 1.5.5. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/educloud/videobind.html. The manipulation leads to inclusion of sensitive information in source code.
This vulnerability was named CVE-2024-8417. The attack can be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
不仅阅读
1 year 9 months ago
对创业团队来说,Slax Reader 是自己需要的产品,因此,最少做七年(到 2031-09-18),期间就算有商业问题,也可以个人承担成本。
North Korean APT Bypasses DMARC Email Policies in Cyber-Espionage Attacks
1 year 9 months ago
How the Kimsuky nation-state group and other threat actors are exploiting poor email security — and what organizations can do to defend themselves.
Dr. Sean Costigan
微信朋友圈支持发布实况照片;欧盟要求苹果对第三方开放操作系统;特朗普首次使用比特币支付餐费 | 极客早知道
1 year 9 months ago
OpenAI 要求投资者投资超过 2.5 亿美元;米哈游跌出手游厂商收入 TOP3;三只羊全面复播,设置仅粉丝可以评论
金融安全架构设计中的反思
1 year 9 months ago
如果只允许一种声音存在, 那么, 唯一存在的那个声音就是谎言。