Aggregator

A vulnerability classified as problematic has been found in SICK Media Server. Affected is an unknown function. The manipulation leads to insufficiently random values. This vulnerability is traded as CVE-2025-49198. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in SICK Media Server up to 1.4. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to use of weak hash. The identification of this vulnerability is CVE-2025-49197. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Author/Presenter: Perri Adams

Our sincere appreciation to OffensiveCon by Binary Gecko, and the Presenters/Authors for publishing their outstanding OffensiveCon 2025 video content. Originating from the conference’s events located at the Hilton Berlin; and via the organizations YouTube channel.

Thanks and a Tip O' The Hat to Verification Labs :: Penetration Testing Specialists :: Trey Blalock GCTI, GWAPT, GCFA, GPEN, GPCS, GCPN, CRISC, CISA, CISM, CISSP, SSCP, CDPSE for recommending the OffensiveCon 25 conference.

Permalink

The post OffensiveCon25 – Keynote: Automating Your Job? The Future Of AI and Exploit Development appeared first on Security Boulevard.

A vulnerability was found in SICK Media Server. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability was named CVE-2025-49195. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in SICK Field Analytics and Media Server. It has been classified as problematic. This affects an unknown part. The manipulation leads to protection mechanism failure. This vulnerability is uniquely identified as CVE-2025-49193. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in SICK Field Analytics and classified as very critical. Affected by this issue is some unknown functionality. The manipulation leads to insufficient verification of data authenticity. This vulnerability is handled as CVE-2025-49199. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in SICK Media Server and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cleartext transmission of sensitive information. This vulnerability is known as CVE-2025-49194. The attack can be launched remotely. There is no exploit available.

6 月 12 日下午，从印度艾哈迈达巴德飞往英国伦敦盖特威克机场的印度航空 171 号班机波音 787-8 客机，起飞期间在萨达尔·瓦拉巴伊·帕特尔国际机场附近坠毁。事故发生在毗邻机场、人口稠密的梅加尼纳加尔（Meghani Nagar）住房区。印度航空官方通告显示，机上载有 242 人，有一位幸存者；地面至少 28 人也遭波及遇难，已确认 269 人死亡。本次事故是波音 787 客机自 2011 年投入商业运营以来的首起致命空难。 失事飞机服役了 11 年。机上有 169 名印度人、53 名英国人、7 名葡萄牙人和 1 名加拿大人。

A vulnerability, which was classified as problematic, was found in SICK Field Analytics and Media Server. Affected is an unknown function. The manipulation leads to improper restriction of rendered ui layers. This vulnerability is traded as CVE-2025-49192. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in SICK Field Analytics. This issue affects some unknown processing of the component TLS Handler. The manipulation leads to risky cryptographic algorithm. The identification of this vulnerability is CVE-2025-49196. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in Linux Kernel up to 5.18.3. It has been classified as critical. Affected is the function bc_serv of the component xprtrdma. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2022-49321. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.18.14 and classified as problematic. Affected by this vulnerability is the function READ_ONCE. The manipulation leads to information disclosure. This vulnerability is known as CVE-2022-49601. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.10.128/5.15.52/5.18.9 and classified as critical. Affected by this vulnerability is the function cm_alloc_id_priv. The manipulation leads to memory leak. This vulnerability is known as CVE-2022-49671. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.15.55/5.18.12. This issue affects the function READ_ONCE. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2022-49632. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.128/5.15.52/5.18.9. It has been classified as critical. This affects the function tipc_bcast_rcv. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2022-49664. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.18.14 and classified as problematic. Affected by this issue is the function sysctl_fwmark_reflect. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2022-49602. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.18.12. It has been declared as problematic. This vulnerability affects the function READ_ONCE. The manipulation leads to information disclosure. This vulnerability was named CVE-2022-49639. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.10.111/5.15.34/5.17.3. Affected is the function svc_revisit. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2022-49065. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 4.19.253/5.4.207/5.10.133/5.15.57/5.18.14. It has been declared as problematic. This vulnerability affects the function sysctl_ip_fwd_use_pmtu. The manipulation leads to information disclosure. This vulnerability was named CVE-2022-49604. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.