Aggregator

A vulnerability was found in ckan up to 2.10.4. It has been rated as problematic. This issue affects the function datatables_view. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-41675. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in OpenText Performance Center 12.63 on Windows. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to information disclosure. This vulnerability was named CVE-2022-26327. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Apache Airflow up to 2.9.x. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-41937. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

The MoonPeak RAT as used by UAT-5394 showed a possible connection to North Korean threat Kimsuky

Software Security / VulnerabilityCybersecurity researchers have disclosed a critical security flaw

Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) attack. "An authenticated attacker can bypass Server-Side Request

A vulnerability was found in CKeditor4 up to 4.24.x and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-43411. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in ckan up to 2.10.4 and classified as problematic. Affected by this vulnerability is the function package_search. The manipulation leads to information exposure through error message. This vulnerability is known as CVE-2024-41674. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in ckan up to 2.10.4. Affected is an unknown function. The manipulation leads to server-side request forgery. This vulnerability is traded as CVE-2024-43371. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in CKeditor4 up to 4.24.x. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-43407. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Influence operations are often thought of as clandestine meddling in other countries’ affairs, but

Table of LinksAbstract and 1 Introduction2 Preliminaries3 End-to-End Adaptive Local Learning3.1

Redis is mainly used as an application cache or a quick-response database. But wait, you can always

error code: 1106

今日暂未更新资讯~
更多最新文章，请访问SecWiki

The Joy of the Internet Slow Lane Posted on Wednesday 21st of August 20

Phrack #71 has been released online and is available to read for free. This issue is the first to be released since 2021, marking a new chapter in the influential online magazine's history. [...]

Cyber Espionage / MalwareA new remote access trojan called MoonPeak has been discovered as being u

A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign. Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of tactical overlaps with a known nation-state actor codenamed Kimsuky. MoonPeak, under active development