Aggregator

根据需求，选择群辉型号1、群晖特色型号：    免费带8路摄像头型号：DVA3221、DVA3219、DVA1622    自带英伟达独显驱动型号：DV

As enterprises in the world embrace Microsoft's AI assistant, researcher Michael Bargury warns its security is lacking. Check out his News Desk interview during Black Hat USA.

A vulnerability was found in Xiaomi Router AX9000 up to 1.0.168. It has been classified as critical. Affected is an unknown function. The manipulation leads to command injection. This vulnerability is traded as CVE-2023-26315. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Linux Kernel up to 6.10.4 and classified as critical. This issue affects the function ras_manager of the component AMD GPU. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-43908. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.104/6.6.45/6.10.4 and classified as problematic. This vulnerability affects unknown code of the component nl80211. The manipulation leads to denial of service. This vulnerability was named CVE-2024-43912. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.15.164/6.1.104/6.6.45/6.10.4. This affects the function smu7_update_edc_leakage_table of the component AMD GPU. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-43909. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.10.223/5.15.164/6.1.104/6.6.45/6.10.4. Affected by this issue is the function apply_state_adjust_rules of the component AMD GPU. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-43907. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.45/6.10.4. Affected by this vulnerability is an unknown functionality of the component DRM. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-43906. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.104/6.6.45/6.10.4. Affected is the function vega10_hwmgr. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-43905. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.164/6.1.104/6.6.45/6.10.4. It has been rated as critical. This issue affects some unknown processing of the component AMD Display. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2024-43902. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.104/6.6.45/6.10.4. It has been declared as problematic. This vulnerability affects the function load_firmware_cb. The manipulation leads to improper initialization. This vulnerability was named CVE-2024-43900. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.4. It has been classified as critical. This affects the function efi_rt_services_supported of the component cs-amp-lib. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-43896. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.10.4 and classified as critical. Affected by this issue is the function drm_client_modeset_probe. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-43894. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2024-7971 Google Chromium V8 Type Confusion Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

A vulnerability has been found in Linux Kernel up to 6.10.4 and classified as critical. Affected by this vulnerability is the function notify_handler. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-44937. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.10.4. Affected is the function devm_power_supply_register of the component rt5033. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2024-44936. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Goede telemetrie en logging spelen een sleutelrol bij de detectie en afhandeling van cyberaanvallen. Zeker gezien de toegenomen dreiging van cyberaanvallen is het van wezenlijk belang dat organisaties passende maatregelen nemen met betrekking tot telemetrie en logging.

APT42 не оставляют надежды помешать выборам в США.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.10.4. This issue affects the function event_release. The manipulation leads to use after free. The identification of this vulnerability is CVE-2024-43891. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.