
1594 matches found

CNNVD
added 2025/01/14 12:0 a.m. | 2 views

Microsoft Message Queuing Resource Management Error Vulnerability

Microsoft Message Queuing is the solution for implementing asynchronous and synchronous scenarios that require high performance. A security vulnerability exists in Microsoft Message Queuing. An attacker could exploit this vulnerability to cause a denial of service on the system...

7.5 CVSS | 6.5 AI score | 0.01326 EPSS
Exploits 0 | References 2

CNNVD
added 2025/01/14 12:0 a.m. | 3 views

Microsoft Message Queuing Security Vulnerability

Microsoft Message Queuing is the solution for implementing asynchronous and synchronous scenarios that require high performance. A security vulnerability exists in Microsoft Message Queuing. An attacker could exploit this vulnerability to cause a denial of service on the system...

7.5 CVSS | 6.5 AI score | 0.01314 EPSS
Exploits 0 | References 2

CNNVD
added 2025/01/03 12:0 a.m. | 1 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android onPrimaryClipChanged, which can be exploited by an attacker to submit a special request for elevation of privilege...

7.8 CVSS | 6.9 AI score | 0.00007 EPSS
Exploits 0 | References 3

CNNVD
added 2025/01/03 12:0 a.m. | 2 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google. An elevation of privilege vulnerability exists in Google Android isPackageDeviceAdmin, which can be exploited by an attacker to submit a special request for elevation of privilege...

7.8 CVSS | 6.9 AI score | 0.00029 EPSS
Exploits 0 | References 3

OSV
added 2024/12/27 6:12 p.m. | 5 views

GHSA-HQMP-G7PH-X543 TunnelVision - decloaking VPNs using DHCP

A new decloaking technique for nearly all VPN implementations has been found, which allows attackers to inject entries into the routing tables of unsuspecting victims using DHCP option 121. This allows attackers to redirect traffic, which is supposed to be sent encrypted over the VPN, through the...

5.3 CVSS | 6.8 AI score | 0.02912 EPSS
Exploits 1 | References 4

Github Security Blog
added 2024/12/27 6:12 p.m. | 16 views

TunnelVision - decloaking VPNs using DHCP

A new decloaking technique for nearly all VPN implementations has been found, which allows attackers to inject entries into the routing tables of unsuspecting victims using DHCP option 121. This allows attackers to redirect traffic, which is supposed to be sent encrypted over the VPN, through the...

7.6 CVSS | 6.8 AI score | 0.02912 EPSS
Exploits 1 | References 4 | Affected Software 1

BDU FSTEC
added 2024/12/25 12:0 a.m. | 2 views

The vulnerability of the kernel component of the Linux operating system, which allows a hacker to cause a service failure

The vulnerability of the kernel component of the Linux operating system is related to an infinite loop. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5 CVSS | 6.4 AI score | 0.00028 EPSS
Exploits 0 | References 19 | Affected Software 2

Positive Technologies
added 2024/12/20 12:0 a.m. | 5 views

PT-2024-36567 · Trend Micro · Trend Micro Apex One

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One (affected versions not specified). Description: A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. An attacker must first obta...

7.8 CVSS | 7.3 AI score | 0.00091 EPSS
Exploits 0 | References 8

CNVD
added 2024/12/13 12:0 a.m. | 1 views

JetBrains YouTrack Prototype Pollution Vulnerability

JetBrains YouTrack is a project management tool that supports cloud hosting and local deployment, providing task management, team collaboration, time tracking and other features for software development, human resources and other scenarios. JetBrains YouTrack suffers from a prototype contaminatio...

6.5 CVSS | 6.6 AI score | 0.00025 EPSS
Exploits 0 | References 1

BDU FSTEC
added 2024/12/11 12:0 a.m. | 1 views

The vulnerability of the Linux operating system’s kernel component, which allows a hacker to trigger a service failure

The vulnerability of the Linux operating system’s kernel component is related to errors in resource management within the implement function. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5 CVSS | 6.5 AI score | 0.00005 EPSS
Exploits 0 | References 47 | Affected Software 6

CNNVD
added 2024/12/10 12:0 a.m. | 2 views

Adobe Experience Manager Cross-Site Scripting Vulnerability

Adobe Experience Manager is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

5.4 CVSS | 6.1 AI score | 0.00268 EPSS
Exploits 0 | References 1

Cvelist
added 2024/12/06 9:56 p.m. | 21 views

CVE-2024-54138 XSS Vulnerability in NuGetGallery's Markdown Autolinks Processing

NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight...

6.9 CVSS | 0.00751 EPSS
Exploits 0 | References 2

Vulnrichment
added 2024/12/06 9:56 p.m. | 12 views

CVE-2024-54138 XSS Vulnerability in NuGetGallery's Markdown Autolinks Processing

NuGet Gallery is a package repository that powers nuget.org. The NuGetGallery has a security vulnerability related to its handling of autolinks in Markdown content. While the platform properly filters out JavaScript from standard links, it does not adequately sanitize autolinks. This oversight...

6.9 CVSS | 6.1 AI score | 0.00751 EPSS
Exploits 0 | References 2

Github Security Blog
added 2024/12/03 6:40 p.m. | 24 views

Synapse's unauthenticated writes to the media repository allow planting of problematic content

Impact: Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the local homeserver in an unauthenticate...

5.3 CVSS | 6.9 AI score | 0.00342 EPSS
Exploits 0 | References 5 | Affected Software 1

OSV
added 2024/12/03 6:40 p.m. | 9 views

GHSA-GJGR-7834-RHXR Synapse's unauthenticated writes to the media repository allow planting of problematic content

Impact: Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the local homeserver in an unauthenticate...

6.9 CVSS | 5.5 AI score | 0.00342 EPSS
Exploits 0 | References 5

Debian CVE
added 2024/12/03 5:6 p.m. | 18 views

CVE-2024-37303

Synapse is an open-source Matrix homeserver. Synapse before version 1.106 allows, by design, unauthenticated remote participants to trigger a download and caching of remote media from a remote homeserver to the local media repository. Such content then also becomes available for download from the...

5.3 CVSS | 6.1 AI score | 0.00342 EPSS
Exploits 0

Positive Technologies
added 2024/12/03 12:0 a.m. | 3 views

PT-2024-20703 · IBM · IBM Cognos Controller

Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 11.0.0 through 11.0.1. Description: The issue allows malicious file upload by permitting unrestricted filetype attachments in the Journal entry page. Attackers can exploit this weakness to upload malicious...

9.8 CVSS | 8 AI score | 0.00099 EPSS
Exploits 0 | References 5

CNNVD
added 2024/11/22 12:0 a.m. | 2 views

IrfanView Security Vulnerability

IrfanView is an image viewer. It supports image browsing, image editing, image format conversion and so on. IrfanView suffers from a code execution vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current process...

7.8 CVSS | 8 AI score | 0.00596 EPSS
Exploits 0 | References 1

CNNVD
added 2024/11/22 12:0 a.m. | 1 views

IrfanView Security Vulnerability

IrfanView is an image viewer by the individual developer Irfan Skiljan. It supports image browsing, image editing, image format conversion and more. IrfanView suffers from a use-after-free vulnerability that can be exploited by an attacker to execute code in the context of the current process...

7.8 CVSS | 7.2 AI score | 0.00738 EPSS
Exploits 0 | References 1

CNNVD
added 2024/11/18 12:0 a.m. | 2 views

Bitcoin Core Security Vulnerability

Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in Bitcoin Core versions prior to 25.0. An attacker exploiting the vulnerability could affect the download status of other peers by sending variant blocks...

5.3 CVSS | 6.5 AI score | 0.00046 EPSS
Exploits 0 | References 2