Aggregator

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.0.7. Affected by this issue is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. Performing manipulation results in use after free. This vulnerability is reported as CVE-2022-49910. The attack requires a local approach. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in Liferay Portal and DXP. Impacted is an unknown function of the component External URL Handler. Executing manipulation can lead to open redirect. This vulnerability is registered as CVE-2025-62266. It is possible to launch the attack remotely. No exploit is available.

A vulnerability was found in Liferay Portal and DXP. It has been rated as problematic. This affects an unknown part of the component Blogs Widget. This manipulation of the argument Content causes cross site scripting. This vulnerability appears as CVE-2025-62265. The attack may be initiated remotely. There is no available exploit.

A vulnerability marked as critical has been reported in Azure Access BLU-IC2 and BLU-IC4 up to 1.19.5. Affected is an unknown function of the component SDKSocket. This manipulation causes use of hard-coded cryptographic key . This vulnerability is handled as CVE-2025-12599. The attack can be initiated remotely. There is not any exploit available.

It seems this issue is a false-positive. Please confirm the sources provided and consider disregarding this entry.

A vulnerability categorized as problematic has been discovered in Liferay Portal and DXP. This issue affects some unknown processing of the component URL Handler. Such manipulation leads to incorrect authorization. This vulnerability is traded as CVE-2025-62275. The attack may be launched remotely. There is no exploit available.

A vulnerability identified as problematic has been detected in Liferay Portal and DXP. Impacted is an unknown function of the component Adaptive Media Module. Performing manipulation results in use of web browser cache containing sensitive information. This vulnerability is known as CVE-2025-62276. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in Veeam Agent up to 6.3.2.1205 on Windows and classified as critical. Affected by this vulnerability is an unknown functionality of the component Restore File Handler. Such manipulation leads to Local Privilege Escalation. This vulnerability is uniquely identified as CVE-2025-48982. Local access is required to approach this attack. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability described as problematic has been identified in Linux Kernel up to 5.15.77/6.0.7. Affected by this vulnerability is an unknown functionality of the file /sbin/ipset of the component netfilter. The manipulation results in allocation of resources. This vulnerability is reported as CVE-2022-49911. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.0.7. This impacts the function __mdiobus_register of the file drivers/net/phy/mdio_bus.c of the component net. This manipulation causes out-of-bounds read. This vulnerability appears as CVE-2022-49907. The attacker needs to be present on the local network. There is no available exploit. It is advisable to upgrade the affected component.

好，我需要帮用户总结这篇文章的内容，控制在100字以内。首先，文章主要讲的是苹果的iPhone Air 2项目因为销量太差而被无限期推迟。富士康和立讯精密的生产线也陆续关闭了。 接下来，iPhone Air本身虽然设计超薄，但电池容量小，配置也不算高，价格却很高，导致市场表现不佳。苹果原本计划在2026年发布Air 2，但现在可能泡汤了。 另外，苹果之前尝试过细分市场的产品比如Mini和Plus系列都没成功，现在又转向Air系列，结果还是失败了。未来苹果可能还会尝试新的产品线，但目前来看效果不明显。 总结一下：文章主要讲苹果因iPhone Air销量惨淡推迟Air 2发布，并关闭相关产线；同时分析了苹果在细分市场上的多次尝试失败的情况。 苹果因iPhone Air销量惨淡无限期推迟iPhone Air 2发布，富士康仅剩的1条半产线也将关闭。iPhone Air因超薄设计电池容量受限，售价高昂导致市场表现不佳。

A vulnerability was found in LibTIFF 4.0.10. It has been classified as critical. This impacts the function invertImage of the component tiffcrop. Performing manipulation results in buffer overflow. This vulnerability was named CVE-2020-19131. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as critical was found in LibTIFF. This issue affects some unknown processing of the file tif_pixarlog.c. The manipulation results in memory corruption. This vulnerability is identified as CVE-2020-35522. The attack can be executed remotely. There is not any exploit available.

A vulnerability, which was classified as critical, has been found in LibTIFF. Impacted is an unknown function of the file tif_getimage.c. This manipulation causes integer overflow. This vulnerability is tracked as CVE-2020-35523. The attack is possible to be carried out remotely. No exploit exists. It is suggested to install a patch to address this issue.

A vulnerability, which was classified as critical, was found in LibTIFF. The affected element is an unknown function of the component TIFF2PDF. Such manipulation leads to heap-based buffer overflow. This vulnerability is listed as CVE-2020-35524. The attack may be performed from remote. There is no available exploit. A patch should be applied to remediate this issue.

​此次Balancer攻击是2025年规模最大的加密货币盗窃事件之一。

扫描图片下方二维码或点击文末“阅读原文”即可预约观看直播~​

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.1.87/6.6.28/6.8.7/6.9-rc4. This affects the function clk_pm_runtime_get. The manipulation results in deadlock. This vulnerability was named CVE-2024-27003. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.1.87/6.6.28/6.8.7/6.9-rc4. This vulnerability affects the function genpd_power_off_work_fn of the component mediatek. The manipulation results in deadlock. This vulnerability is cataloged as CVE-2024-27002. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4. It has been declared as critical. The affected element is the function pr_err of the component pmac_zilog. Executing manipulation can lead to denial of service. This vulnerability is handled as CVE-2024-26999. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.