Aggregator

A vulnerability classified as problematic has been found in Linux Kernel up to 5.15.26/5.16.12. Affected is the function lookup_inline_extent_backref+0x647/0x680 of the file fs/btrfs/extent-tree.c of the component btrfs. The manipulation leads to injection. This vulnerability is traded as CVE-2022-48901. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.14.9 and classified as problematic. Affected by this issue is the function delayed_work_timer_fn in the library lib/debugobjects.c. The manipulation leads to use after free. This vulnerability is handled as CVE-2021-47387. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.29/5.16.15 and classified as problematic. Affected by this issue is the function hci_core: of the component Bluetooth. The manipulation leads to use after free. This vulnerability is handled as CVE-2022-48844. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.104/6.6.45/6.10.4 and classified as problematic. This vulnerability affects unknown code of the component nl80211. The manipulation leads to denial of service. This vulnerability was named CVE-2024-43912. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.10.4. Affected by this issue is some unknown functionality. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2024-44969. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.10.102/5.15.25/5.16.11. Affected is the function kvm_arch_can_dequeue_async_page_present of the component KVM. The manipulation leads to state issue. This vulnerability is traded as CVE-2022-48943. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.5.4. Affected by this vulnerability is the function az6027_i2c_xfer of the component Media. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2023-52915. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Django up to 4.2.14/5.0.7. Affected by this issue is the function urlize/urlizetrunc of the component Template Filter. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-41991. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

系列文章合集：IoT Power PC 端技术总结单文件化的取舍实际上对于现在的大部分软件来说，不需要做单文件化，因为基本都是一个安装包来把软件安装到固定位置，这时软件有多少文件并不是个重要的事情

A vulnerability, which was classified as critical, has been found in Mozilla Firefox 44. Affected by this issue is some unknown functionality of the component once. The manipulation leads to use after free. This vulnerability is handled as CVE-2016-1972. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

The EU Council has adopted the Cyber Resilience Act (CRA), a new law that aims to make consumer products with digital components safe(r) to use. CRA requirements The CRA outlines EU-wide cybersecurity standards for digital products, i.e. products that are connected – either directly or indirectly – to another device or to a network. This category includes “smart” home appliances, TVs, thermostats, toys, wearable health technology, baby monitoring systems, and so on. Some connected products … More →

The post EU adopts Cyber Resilience Act to secure connected products appeared first on Help Net Security.

OpenAI disrupted 20 cyber and influence operations in 2023, revealing Iran and China-linked actors used ChatGPT for planning ICS attacks. OpenAI announced the disruption of over 20 cyber and influence operations this year, involving Iranian and Chinese state-sponsored hackers. The company uncovered the activities of three threat actors abusing ChatGPT to launch cyberattacks. One of […]

At CornCon 2024, experts debunk myths, explore SaaS vulnerabilities, and highlight how human connections shape the future of cybersecurity innovation.

The post CornCon X: Powering Cybersecurity Innovation Through Human Connection appeared first on Security Boulevard.

Как изменится интернет для юных пользователей интернета после создания международного альянса.

Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the password-cracking process.  In this post, we’ll explore hybrid attacks — what they are

A vulnerability was found in Mozilla Firefox 44. It has been rated as critical. This issue affects the function I420VideoFrame::CreateFrame. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2016-1971. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

总结推荐了本周的热点资讯、安全事件、一周好文和省心工具，保证大家不错过本周的每一个重点。

主站 分类 漏洞 工具 极客

error code: 521