Aggregator

A vulnerability, which was classified as critical, was found in Linux Kernel. Affected is the function nf_tables of the component Netfilter. The manipulation leads to use after free. This vulnerability is traded as CVE-2023-3610. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability has been found in Linux Kernel up to 6.1.92/6.6.32/6.8.11/6.9.2 and classified as critical. This vulnerability affects the function ax25_addr_ax25dev. The manipulation leads to improper update of reference count. This vulnerability was named CVE-2024-38602. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.92/6.6.32/6.8.11/6.9.2 and classified as critical. Affected by this vulnerability is the function ax25_dev_device_down. The manipulation leads to improper update of reference count. This vulnerability is known as CVE-2024-38554. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.9.9. This affects the function nf_tables_check_loops of the component netfilter. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-41042. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.220/5.15.161/6.1.96/6.6.36/6.9.7. It has been classified as problematic. This affects the function __xdp_reg_mem_model of the file net/core/xdp.c. The manipulation leads to improper initialization. This vulnerability is uniquely identified as CVE-2024-42082. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

All in Windows 的失败，是傲慢还是必然？Matrix 首页推荐 Matrix 是少数派的写作社区，我们主张分享真实的产品体验，有实用价值的经验与思考。我们会不定期挑选 Matrix 最优

Background Cybersecurity risks in today’s quickly changing digital environment are getting more complex and challenging to identify. As organizations strengthen […]

The post HookChain: A New Approach to Bypassing EDR Solutions appeared first on HawkEye.

A vulnerability was found in SourceCodester Inventory Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /app/action/add_staff.php. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-9323. The attack can be launched remotely. Furthermore, there is an exploit available.

Full Disclosuremailing list archivesFrom: malvuln Date

Full Disclosuremailing list archivesFrom: malvuln Date

Full Disclosuremailing list archivesFrom: malvuln Date

Full Disclosuremailing list archivesFrom: malvuln Date

Full Disclosuremailing list archivesFrom: malvuln Date

Full Disclosuremailing list archivesFrom: "Stefan Kanthak"

Full Disclosuremailing list archivesFrom: SEC Consult Vulnerability Lab via Full

Full Disclosuremailing list archivesFrom: Patrick via Fulldisclosure

OSRC活动即将开启

A vulnerability was found in Apple Safari up to 10.1.2 and classified as problematic. Affected by this issue is some unknown functionality of the component WebKit Storage. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2017-7142. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Законодатели требуют действий против китайского маркетплейса.