Aggregator

A vulnerability was found in Mattermost up to 9.11.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Reporting. The manipulation leads to incorrect authorization. This vulnerability is handled as CVE-2025-1472. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Read about the significant hidden costs and ethical pitfalls of content scraping — and learn how to protect your website.

Alleged Data Sale of Antipublic Collection - Total Lines 5 Billion+

Эксперимент доказывает, что технологии уже готовы заменить человека.

California Cryobank, the largest US sperm bank, suffered a data breach exposing customer information. California Cryobank (CCB) is the largest sperm bank in the U.S., providing frozen donor sperm and reproductive services, including egg and embryo storage. It operates in all 50 states and over 30 countries worldwide, helping individuals and couples with fertility treatments. […]

游戏市场情报公司 Newzoo 咨询总监 Ben Porter 本周在 GDC 上发表演讲，称 PC 已经成为最大的游戏市场，而 PC 玩家最爱老游戏。Newzoo 每年深入调查了 73,000 名玩家，以及分析了逾万款游戏数据。根据 Newzoo 的分析，2023 年 PC 玩家有 8.735 亿，2024 年增长至 9.075 亿。相比下主机玩家在 2024 年有 6.531 亿。PC 玩家偏爱老游戏：数据显示，从 2024 年 1 月到 12 月，67% 的玩家游戏时间是花在六年或更久的游戏上；25% 是花在 2-5 年前的游戏上，8% 的时间花在不到 2 年前的游戏上。对于这 67% 的玩家：7.1% 是花在 CSGO/ CS2 上，6.4% 花在《英雄联盟（League of Legends）》上，6.2% 花在 Roblox 上，5.8% 花在 Dota 2 上，5.4% 花在《堡垒之夜（Fortnite）》上。

Alleged Leak of 35 Italian Databases

A vulnerability was found in Netbox 4.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /dcim/power-outlets/{id}/edit/. The manipulation of the argument Name leads to cross site scripting. This vulnerability is handled as CVE-2024-40735. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Netbox 4.0.3. This affects an unknown part of the file /dcim/power-outlets/add. The manipulation of the argument Name leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-40736. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in Netbox 4.0.3. This vulnerability affects unknown code of the file /dcim/console-ports/add. The manipulation of the argument Name leads to cross site scripting. This vulnerability was named CVE-2024-40737. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Netbox 4.0.3. This issue affects some unknown processing of the file /dcim/power-feeds/{id}/edit/. The manipulation of the argument Name leads to cross site scripting. The identification of this vulnerability is CVE-2024-40740. The attack may be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Netbox 4.0.3. Affected is an unknown function of the file /dcim/console-ports/{id}/edit/. The manipulation of the argument Name leads to cross site scripting. This vulnerability is traded as CVE-2024-40738. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in Netbox 4.0.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /dcim/power-feeds/add. The manipulation of the argument Name leads to cross site scripting. This vulnerability is known as CVE-2024-40739. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Netbox 4.0.3 and classified as problematic. Affected by this issue is some unknown functionality of the file /circuits/circuits/{id}/edit/. The manipulation of the argument ID leads to cross site scripting. This vulnerability is handled as CVE-2024-40741. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Netbox 4.0.3. It has been classified as problematic. This affects an unknown part of the file /circuits/circuits/add. The manipulation of the argument ID leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-40742. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in JupiterX Core Plugin up to 3.3.0 on WordPress. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to missing authorization. This vulnerability is handled as CVE-2023-38385. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in MediaTek MT6580, MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6833, MT6835, MT6853, MT6855, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT6989, MT8188, MT8370 and MT8390 and classified as problematic. This issue affects some unknown processing of the component Da. The manipulation leads to improper handling of faults that lead to instruction skips. The identification of this vulnerability is CVE-2024-20059. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic was found in Lime Survey up to 6.5.12. Affected by this vulnerability is an unknown functionality of the component POST Request Handler. The manipulation of the argument YII_CSRF_TOKEN leads to cross-site request forgery. This vulnerability is known as CVE-2024-39063. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in dj-extensions DJ-HelpfulArticles up to 1.1.0 on Joomla. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-27183. The attack may be launched remotely. There is no exploit available.