189 matches found

Cvelist
added 2024/12/11 8:0 p.m. | 13 views

CVE-2024-12483 Dromara UJCMS User ID id authorization

A vulnerability classified as problematic has been found in Dromara UJCMS up to 9.6.3. This affects an unknown part of the file /users/id of the component User ID Handler. The manipulation leads to authorization bypass. It is possible to initiate the attack remotely. The complexity of an attack i...

6.3 CVSS | 0.03597 EPSS
Exploits: 3 | References: 4
CVE
added 2024/11/22 9:0 p.m. | 83 views

CVE-2024-11619

The CVE-2024-11619 issue affects macrozheng mall up to version 1.0.3, specifically the JWT Token Handler component. Root cause: use of a default cryptographic key, which can compromise confidentiality/integrity if exploited. Exploitation complexity is described as high and exploitation is difficu...

8.1 CVSS | 5 AI score | 0.00229 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2024/11/18 4:15 a.m. | 3 views

CVE-2024-52916

Bitcoin Core before 0.15.0 allows a denial of service OOM kill of a daemon process via a flood of minimum difficulty headers...

7.5 CVSS | 6.8 AI score
Exploits: 0 | References: 2
CNNVD
added 2024/11/18 12:0 a.m. | 1 views

Bitcoin Core Security Vulnerability

Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in versions of Bitcoin Core prior to 24.0.1 that stems from a failure to verify that the provided chain has sufficient workload, allowing an attacker to cause a deni...

7.5 CVSS | 6.6 AI score | 0.00536 EPSS
Exploits: 0 | References: 3
CVE
added 2024/11/18 12:0 a.m. | 52 views

CVE-2024-52916

Summary (CVE-2024-52916) : Bitcoin Core versions prior to 0.15.0 are affected by a denial-of-service condition caused by a flood of minimum-difficulty headers, which can lead to an out-of-memory (OOM) exhaustion of the daemon. This impacts availability of the Bitcoin Core node. Remediation: upgra...

7.5 CVSS | 6.6 AI score | 0.00162 EPSS
Exploits: 0 | References: 2 | Affected Software: 1
Vulnrichment
added 2024/11/18 12:0 a.m. | 13 views

CVE-2024-52916

Bitcoin Core before 0.15.0 allows a denial of service OOM kill of a daemon process via a flood of minimum difficulty headers...

6.9 AI score | 0.00162 EPSS
Exploits: 0 | References: 2
Cvelist
added 2024/11/18 12:0 a.m. | 17 views

CVE-2024-52916

Bitcoin Core before 0.15.0 allows a denial of service OOM kill of a daemon process via a flood of minimum difficulty headers...

0.00162 EPSS
Exploits: 0 | References: 2
OSV
added 2024/11/06 4:15 p.m. | 9 views

CVE-2024-10920

A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Affected by this issue is the function doFilterInternal of the file travels-java-api-master\src\main\java\io\github\mariazevedo88\travelsjavaapi\filters\JwtAuthenticationTokenFilter.java of the...

3.7 CVSS | 7 AI score
Exploits: 0 | References: 4
Vulnrichment
added 2024/10/17 4:31 p.m. | 15 views

CVE-2024-10073 flairNLP flair Mode File Loader clustering.py ClusteringModel code injection

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to launch the attack remotely. The...

6.3 CVSS | 7.3 AI score | 0.00083 EPSS
Exploits: 0 | References: 5
CVE
added 2024/10/06 11:31 a.m. | 43 views

CVE-2024-9554

Sovell Smart Canteen System (up to 3.0.7303.30513) is affected by a vulnerability in the Password Reset Handler. The issue resides in the function Check_ET_CheckPwdz201 of suanfa.py and allows authorization bypass. It can be exploited remotely, with attack complexity described as high; exploitati...

6.3 CVSS | 4.1 AI score | 0.00066 EPSS
Exploits: 0 | References: 4
Vulnrichment
added 2024/10/06 11:31 a.m. | 13 views

CVE-2024-9554 Sovell Smart Canteen System Password Reset suanfa.py Check_ET_CheckPwdz201 authorization

A vulnerability classified as problematic was found in Sovell Smart Canteen System up to 3.0.7303.30513. Affected by this vulnerability is the function Check_ET_CheckPwdz201 of the file suanfa.py of the component Password Reset Handler. The manipulation leads to authorization bypass. The attack can...

6.3 CVSS | 6.8 AI score | 0.00066 EPSS
Exploits: 0 | References: 4
CVE
added 2024/09/15 10:31 a.m. | 58 views

CVE-2024-8869

CVE-2024-8869 affects TOTOLINK A720R 4.1.5; the vulnerability is in the exportOvpn function and enables OS command injection. The issue can be exploited remotely with high impact on confidentiality, integrity, and availability (per CVSS data), and exploitability is described as difficult with hig...

8.1 CVSS | 6 AI score | 0.00214 EPSS
Exploits: 0 | References: 4 | Affected Software: 1
Vulnrichment
added 2024/09/04 5:31 p.m. | 15 views

CVE-2024-8417 云课网络科技有限公司 Yunke Online School System videobind.html sensitive information in source

A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 1.5.5. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/educloud/videobind.html. The manipulation leads to inclusion of sensitive information in source code. The attack can be...

3.1 CVSS | 6.9 AI score | 0.00129 EPSS
Exploits: 1 | References: 4
Rapid7 Blog
added 2024/08/23 1:0 p.m. | 5 views

Key Takeaways From The Take Command Summit: Navigating New SEC Cybersecurity Disclosure Rules

Understanding and complying with the new SEC Cybersecurity Disclosure Rules is a daunting task for many organizations. The Rapid7 Take Command Summit provided an in-depth look at these regulations, offering valuable guidance for cybersecurity professionals. Here are three key takeaways from the...

6.9 AI score
Exploits: 0
NVD
added 2024/06/17 6:15 p.m. | 19 views

CVE-2024-6056

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response...

6.3 CVSS | 0.00184 EPSS
Exploits: 1 | References: 4
Github Security Blog
added 2024/05/28 8:55 p.m. | 12 views

SimpleSAMLphp Reflected Cross-site Scripting vulnerability

Background: SimpleSAMLphp uses metadata to determine how to interact with other SAML entities. This metadata includes what’s called endpoints, which are URLs belonging to that entity where SAML messages can be sent. These URLs are used directly by SimpleSAMLphp when a message is sent, either via a...

6 AI score
Exploits: 0 | References: 4 | Affected Software: 1
Vulnrichment
added 2024/02/27 5:0 p.m. | 6 views

CVE-2024-1925 Ctcms Upsys.php unrestricted upload

A vulnerability was found in Ctcms 2.1.2. It has been declared as critical. This vulnerability affects unknown code of the file ctcms/apps/controllers/admin/Upsys.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The complexity of an attack is rather high...

5 CVSS | 5.3 AI score | 0.00086 EPSS
Exploits: 0 | References: 3
Wiz blog
added 2023/11/03 1:7 p.m. | 18 views

Eight questions to measure vulnerability remediation "pain"

What is it about certain vulnerabilities that makes them especially hard to deal with, and how can vendors make things easier for security teams?...

7.4 AI score
Exploits: 0
GoogleProjectZero
added 2023/08/02 12:0 a.m. | 20 views

MTE As Implemented, Part 2: Mitigation Case Studies

By Mark Brand, Project Zero. Background: In 2018, in the v8.5a version of the ARM architecture, ARM proposed a hardware implementation of tagged memory, referred to as MTE (Memory Tagging Extensions). In Part 1 we discussed testing the technical and implementation limitations of MTE on the hardware...

7.3 AI score
Exploits: 0
Huntr
added 2023/08/01 5:2 a.m. | 10 views

Pre-Auth SQLi leading to RCE in Social Media Skeleton v1.0

Summary: A SQL Injection vulnerability exists in Social Media Skeleton v1.0 via the username and password parameters in admin/login.php. Not to be confused with login.php, which properly escapes special characters. Issue Description: SQL injection (SQLi) is a code injection technique used to attack...

8.2 AI score
Exploits: 0 | References: 5