Aggregator

CVE-2024-44215 | Apple iOS/iPadOS Image information disclosure (Nessus ID 211697)

19 hours 23 minutes ago

A vulnerability was found in Apple iOS and iPadOS. It has been classified as problematic. Affected is an unknown function of the component Image Handler. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-44215. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-44215 | Apple tvOS Image information disclosure (Nessus ID 211697)

19 hours 23 minutes ago

A vulnerability was found in Apple tvOS. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Image Handler. The manipulation leads to information disclosure. This vulnerability is known as CVE-2024-44215. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-44215 | Apple watchOS Image information disclosure (Nessus ID 211697)

19 hours 23 minutes ago

A vulnerability was found in Apple watchOS. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Image Handler. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-44215. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-44216 | Apple macOS up to 13.6/14.6 access control (Nessus ID 211697)

19 hours 23 minutes ago

A vulnerability has been found in Apple macOS up to 13.6/14.6 and classified as critical. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2024-44216. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-44215 | Apple macOS Image information disclosure (Nessus ID 211697)

19 hours 23 minutes ago

A vulnerability has been found in Apple macOS and classified as problematic. This vulnerability affects unknown code of the component Image Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-44215. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2009-0119 | Microsoft Windows XP chm memory corruption (EDB-7720 / BID-33204)

19 hours 30 minutes ago

A vulnerability was found in Microsoft Windows XP. It has been declared as very critical. Affected by this vulnerability is an unknown functionality of the file chm. The manipulation leads to memory corruption. This vulnerability is known as CVE-2009-0119. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2009-0133 | Microsoft HTML Help Workshop up to 4.74 memory corruption (EDB-7727 / XFDB-47868)

19 hours 30 minutes ago

A vulnerability, which was classified as very critical, was found in Microsoft HTML Help Workshop up to 4.74. Affected is an unknown function of the component HTML Help. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2009-0133. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2009-0174 | VUPlayer 2.49 HREF memory corruption (EDB-7709 / XFDB-47851)

19 hours 30 minutes ago

A vulnerability was found in VUPlayer 2.49. It has been classified as very critical. This affects an unknown part. The manipulation of the argument HREF leads to memory corruption. This vulnerability is uniquely identified as CVE-2009-0174. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2009-0175 | Heathcosoft MP3 TrackMaker 1.5 memory corruption (EDB-7708 / XFDB-47852)

19 hours 30 minutes ago

A vulnerability was found in Heathcosoft MP3 TrackMaker 1.5. It has been declared as very critical. This vulnerability affects unknown code. The manipulation leads to memory corruption. This vulnerability was named CVE-2009-0175. The attack can be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2009-0828 | Freedville QuoteBook access control (EDB-7699 / BID-33166)

19 hours 30 minutes ago

A vulnerability classified as critical was found in Freedville QuoteBook. This vulnerability affects unknown code. The manipulation leads to improper access controls. This vulnerability was named CVE-2009-0828. The attack can be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2009-0832 | Ausimods E-Cart 1.3 items.php CA sql injection (EDB-7698 / BID-33155)

19 hours 30 minutes ago

A vulnerability was found in Ausimods E-Cart 1.3 and classified as critical. Affected by this issue is some unknown functionality of the file items.php. The manipulation of the argument CA leads to sql injection. This vulnerability is handled as CVE-2009-0832. The attack may be launched remotely. Furthermore, there is an exploit available.

vuldb.com

【附下载】2024年终数据安全分类分级标准规范汇编

19 hours 35 minutes ago

本期摘要

建立数据安全防护体系的第一步，就是梳理数据资产并分类分级。数据分类分级是数据安全治理和数据管理的主要措施，是数据安全合规使用的基础。只有做好分类分级工作，对不同分类不同级别的数据采取不同的安全防护措施，才能做好数据全流程动态保护。

本文要点：

40+分类分级方法及案例
19+地方标准
7+团体标准
12+行业标准
8+国家标准

近年，国家层面相继出台多项数据分类分级标准规范，证券期货、交通运输、渔业、邮政、通信、卫生健康、海洋、民航等行业主管部门制定出了相关配套标准指引；为落实数据分类分级管理，重庆市、北京市、黑龙江省、山西省、安徽省、浙江省、江苏省等多地进一步发布了有关公共、政务、工业数据分类分级试行指南或规范，以提供指导性参考；卷烟制造、能源、媒体、水务、高校、卫生等领域的社会团体协调相关市场主体共同制定出满足市场和创新需要的团体标准。

重庆信通设计院（咨询引领的一体化安全运营者）——首批上海数据交易所“数据安全服务商”，整理了近年8+项国家标准、12+项行业标准、19+项地方标准以及7+团体标准等数据分类分级相关常用文件，以供大家交流分享，共同推动数据安全事业不断前进。

(特别说明：本文搜集资料来源于网络，仅供参考。最终内容请以官方最新版本为准)

分类分级目录汇编

方法及案例示例

GB/T 43697-2024

数据安全技术数据分类分级规则

DB21/T3867-2023

工业数据分类分级管理指南

（辽宁省）

DB23/T 3510—2023

政务预公开数据分类分级评估指南

（黑龙江省）

DB32/T 4608.1—2023

公共数据管理规范第1部分：数据分类分级（江苏省）

金融业数据分类分级与保护应用研究

来源：重庆信通设计院天空实验室

网络伍豪

CVE-2006-1417 | Caloris Planitia Technologies Web Quiz pro 1.0 prequiz.asp msg cross site scripting (EDB-27480 / XFDB-25431)

19 hours 40 minutes ago

A vulnerability was found in Caloris Planitia Technologies Web Quiz pro 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file prequiz.asp. The manipulation of the argument msg leads to cross site scripting. This vulnerability is known as CVE-2006-1417. The attack can be launched remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2003-1140 | Musicqueue up to 1.1.1 Configuration File language memory corruption (EDB-23303 / XFDB-13521)

19 hours 54 minutes ago

A vulnerability was found in Musicqueue up to 1.1.1. It has been classified as very critical. This affects an unknown part of the component Configuration File. The manipulation of the argument language leads to memory corruption. This vulnerability is uniquely identified as CVE-2003-1140. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2005-2920 | ClamAV up to 0.86.2 libclamav/upx.c memory corruption (VU#363713 / Nessus ID 19793)

20 hours 1 minute ago

A vulnerability classified as critical was found in ClamAV up to 0.86.2. Affected by this vulnerability is an unknown functionality of the file libclamav/upx.c. The manipulation leads to memory corruption. This vulnerability is known as CVE-2005-2920. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2005-2772 | University of Minnesota gopher 3.0.9 vifromline stack-based overflow (VU#619812 / EDB-1187)

20 hours 1 minute ago

A vulnerability was found in University of Minnesota gopher 3.0.9. It has been declared as critical. Affected by this vulnerability is the function vifromline. The manipulation leads to stack-based buffer overflow. This vulnerability is known as CVE-2005-2772. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2005-2758 | Symantec AntiVirus Scan Engine 4.0 heap-based overflow (VU#849209 / Nessus ID 67229)

20 hours 1 minute ago

A vulnerability, which was classified as very critical, has been found in Symantec AntiVirus Scan Engine 4.0. Affected by this issue is some unknown functionality of the component Scan Engine. The manipulation leads to heap-based buffer overflow. This vulnerability is handled as CVE-2005-2758. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2005-2749 | Apple Mac OS X up to 10.4.2 Keychain Access Utility missing encryption (Nessus ID 20113 / ID 115298)

20 hours 1 minute ago

A vulnerability was found in Apple Mac OS X up to 10.4.2. It has been declared as critical. This vulnerability affects unknown code of the component Keychain Access Utility. The manipulation leads to missing encryption of sensitive data. This vulnerability was named CVE-2005-2749. Local access is required to approach this attack. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2005-2744 | Apple Mac OS X 10.3.9 QuickDraw Manager memory corruption (VU#529945 / Nessus ID 19773)

20 hours 1 minute ago

A vulnerability, which was classified as critical, has been found in Apple Mac OS X 10.3.9. This issue affects some unknown processing of the component QuickDraw Manager. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2005-2744. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2005-2747 | Apple Mac OS X 10.4.2 ImageIO memory corruption (VU#650681 / Nessus ID 19773)

20 hours 1 minute ago

A vulnerability, which was classified as critical, was found in Apple Mac OS X 10.4.2. Affected is an unknown function of the component ImageIO. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2005-2747. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com