Aggregator

CVE-2005-4838 | Apache Jakarta Tomcat up to 5.5.6 Messenger functions.jsp cross site scripting (Nessus ID 43840 / ID 86780)

Vuldb Updates
10 months 3 weeks ago
A vulnerability was found in Apache Jakarta Tomcat up to 5.5.6. It has been declared as critical. This vulnerability affects unknown code of the file examples/jsp2/el/functions.jsp of the component Messenger. The manipulation leads to cross site scripting. This vulnerability was named CVE-2005-4838. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2006-0001 | Microsoft Publisher 2000/2002/2003 PUB File memory corruption (MS06-054 / VU#406236)

Vuldb Updates
10 months 3 weeks ago
A vulnerability classified as problematic was found in Microsoft Publisher 2000/2002/2003. Affected by this vulnerability is an unknown functionality of the component PUB File Handler. The manipulation leads to memory corruption. This vulnerability is known as CVE-2006-0001. The attack can only be done within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

APT Attackers Leverage Microsoft ClickOnce to Run Malware as Trusted Applications

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
10 months 3 weeks ago

The Trellix Advanced Research Center has exposed a highly sophisticated Advanced Persistent Threat (APT) malware campaign dubbed “OneClik,” specifically targeting the energy, oil, and gas sectors. This operation, which exhibits traits potentially linked to Chinese-affiliated threat actors, employs phishing attacks and exploits Microsoft ClickOnce a .NET deployment technology meant for self-updating applications to execute malicious […]

The post APT Attackers Leverage Microsoft ClickOnce to Run Malware as Trusted Applications appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2002-0693 | Microsoft Windows NT 4.0/2000/XP HTML Help ActiveX Control hhctrl.ocx alink memory corruption (MS02-055 / EDB-21902)

Vuldb Updates
10 months 3 weeks ago
A vulnerability was found in Microsoft Windows NT 4.0/2000/XP. It has been declared as critical. This vulnerability affects the function alink of the file hhctrl.ocx of the component HTML Help ActiveX Control. The manipulation leads to memory corruption. This vulnerability was named CVE-2002-0693. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

Qilin

Dark Feed IO
10 months 3 weeks ago

You must login to view this content

cohenido

CVE-2017-6020 | LCDS LTDA ME LAquis SCADA up to 4.1.0 path traversal (EDB-42885 / BID-97055)

Vuldb Updates
10 months 3 weeks ago
A vulnerability was found in LCDS LTDA ME LAquis SCADA up to 4.1.0 and classified as critical. This issue affects some unknown processing. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2017-6020. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Weekoverzicht Defensieoperaties

Defensie.nl - Nieuwsberichten
10 months 3 weeks ago
Apache-gevechtshelikopters bewaken het luchtruim boven ‘vesting’ Den Haag. Marineschepen beveiligen de Noordzee en de kust en als het moet draait het  luchtverdedigingssysteem Patriot overuren. Het is maar een fractie van de Defensie-inzet voor de NAVO-top. Totaal zijn 5.000 militairen, reservisten en burgermedewerkers in touw. Daarnaast voert de marechaussee politietaken uit. Een overzicht van Defensieoperaties in de week van 18 tot en met 24 juni 2025.

法官裁决 Anthropic 使用书籍训练 AI 是合理使用,但使用盗版书籍训练并不是

Solidot
10 months 3 weeks ago
美国联邦法官裁决 Anthropic 使用书籍训练 AI 是合理使用,但使用盗版书籍训练并不是。法庭文件显示,Anthropic 从盗版网站下载了逾 700 万本书籍。它还购买了数百万本纸质书,拆开装订扫描了每一页,将其以数字形式存储。盗版书库和扫描书库被用于训练 Anthropic 大模型 Claude 的不同版本,每年为该公司带来逾十亿美元收入。法官裁决使用盗版书籍训练 AI 不是合理使用,将在晚些时候就盗版书籍相关赔偿进行审理。

CVE-2012-1026 | Johannes Ekberg XRay CMS 1.1.1 Login login2.php sql injection (EDB-18467 / XFDB-73000)

Vuldb Updates
10 months 3 weeks ago
A vulnerability classified as critical has been found in Johannes Ekberg XRay CMS 1.1.1. This affects an unknown part of the file login2.php of the component Login. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2012-1026. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2019-11358 | Oracle Financial Services Liquidity Risk Measurement 8.0.7/8.0.8 Apache Groovy cross site scripting (EDB-52141 / Nessus ID 208606)

Vuldb Updates
10 months 3 weeks ago
A vulnerability was found in Oracle Financial Services Liquidity Risk Measurement and Management 8.0.7/8.0.8 and classified as critical. Affected by this issue is some unknown functionality of the component Apache Groovy. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2019-11358. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad