「外環道1.3」とも言うべき(?)横軸道路となります。
世界唯一“軍艦を沈めた原子力潜水艦”とは 日本防衛にも活かせるか「海の忍者」の戦訓
今から40年前のフォークランド紛争では、イギリス海軍が“世界初”の戦果を挙げています。原子力潜水艦による攻撃で、アルゼンチン海軍は手痛い打撃を被りました。その一部始終を振り返ります。
…
[io.quarkus:quarkus-vertx-http-deployment] Code injection in quarkus dev ui config editor
A vulnerability was found in quarkus. This security flaw happens in Dev UI Config Editor which is vulnerable to drive-by localhost attacks leading to remote code execution.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-4116
https://access.redha…
大都市だけでない「開かずの踏切」解消へ12年ぶり始動 ことでんの踏切の紆余曲折
「開かずの踏切」は大都市特有の問題ではなく、地方都市でも見られます。香川県高松市のことでん本町踏切もそのひとつで、紆余曲折を経て12年ぶりに、解消へ向けた計画が再始動しようとしています。
…
[microweber/microweber] Account Takeover Through Password Reset Poisoning
Microweber 1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-33012
https://blog.jitendrapatro.me/cve-2022-33012-account-takeover-through-pas…
[backdrop/backdrop] Cross-site Scripting in Backdrop CMS
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the ‘Card’ content.
References
https://nvd.nist.gov/vuln/detail/CVE-2022-42094
https://github.com/backdrop/backdrop/releases/tag/1.23.0
https:/…
[backdrop/backdrop] Cross-site Scripting in Backdrop CMS
Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via ‘Comment.’s
References
https://nvd.nist.gov/vuln/detail/CVE-2022-42097
https://github.com/backdrop/backdrop/releases/tag/1.23.0
https://github….
5 scams to watch out for this holiday season
How Gmail is helping keep you stay safe and secure from email scams this holiday season.
探索~自爆で殺傷する小型軍用ドローン、イスラエル企業が開発。親機が多数の子機を展開
イスラエルの防衛技術企業Elbit Systemsが、自律飛行する戦闘ドローン「Lanius」を開発…
[apache-airflow] OS Command Injection in Apache Airflow
Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) vulnerability in Apache Airflow Spark Provider, Apache Airflow allows an attacker to read arbtrary files in the task execution context, without write access to D…