Aggregator

CVE-2025-21773 | Linux Kernel up to 6.6.78/6.12.15/6.13.3/6.14-rc2 etas_es58x null pointer dereference (Nessus ID 236983 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability marked as critical has been reported in Linux Kernel up to 6.6.78/6.12.15/6.13.3/6.14-rc2. The impacted element is an unknown function of the component etas_es58x. Performing a manipulation results in null pointer dereference. This vulnerability is reported as CVE-2025-21773. The attacker must have access to the local network to execute the attack. No exploit exists. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-21772 | Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2 put_dev_sector out-of-bounds (Nessus ID 230870 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability labeled as problematic has been found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. The affected element is the function put_dev_sector. Such manipulation leads to out-of-bounds read. This vulnerability is documented as CVE-2025-21772. The attack requires being on the local network. There is not any exploit available. The affected component should be upgraded.
vuldb.com

Microsoft January 2026 Security Update Causes Credential Prompt Failures in Remote Desktop Connections

Cyber Security News
2 months 2 weeks ago

Microsoft has released an out-of-band emergency update to resolve a critical issue affecting Remote Desktop connections on Windows client devices. The problem emerged immediately following the installation of the January 2026 security update, identified as KB5074109. Administrators and users reported widespread credential prompt failures when attempting to sign in via the Windows App, significantly disrupting […]

The post Microsoft January 2026 Security Update Causes Credential Prompt Failures in Remote Desktop Connections appeared first on Cyber Security News.

Guru Baran

CVE-2025-21771 | Linux Kernel up to 6.12.15/6.13.3/6.14-rc2 kernel/sched/ext.c scx_move_task information disclosure (Nessus ID 276749 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.12.15/6.13.3/6.14-rc2. It has been rated as problematic. This affects the function scx_move_task of the file kernel/sched/ext.c. This manipulation causes information disclosure. This vulnerability is registered as CVE-2025-21771. The attack requires access to the local network. No exploit is available. Upgrading the affected component is advised.
vuldb.com

CVE-2025-21768 | Linux Kernel up to 6.12.15/6.13.3/6.14-rc1 ipv6 ioam6.sh memory leak (Nessus ID 230720 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.15/6.13.3/6.14-rc1. Impacted is an unknown function of the file ioam6.sh of the component ipv6. Performing a manipulation results in memory leak. This vulnerability was named CVE-2025-21768. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-21769 | Linux Kernel up to 6.13.3/6.14-rc2 vmclock_miscdev_fops privilege escalation (Nessus ID 250084 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.13.3/6.14-rc2. The affected element is the function vmclock_miscdev_fops. Executing a manipulation can lead to privilege escalation. The identification of this vulnerability is CVE-2025-21769. The attack needs to be done within the local network. There is no exploit available. You should upgrade the affected component.
vuldb.com

CVE-2025-21770 | Linux Kernel up to 6.12.15/6.13.3/6.14-rc2 iopf_queue_remove_device memory leak (Nessus ID 236983 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability identified as problematic has been detected in Linux Kernel up to 6.12.15/6.13.3/6.14-rc2. Impacted is the function iopf_queue_remove_device. This manipulation causes memory leak. This vulnerability is registered as CVE-2025-21770. It is feasible to perform the attack on the physical device. No exploit is available. You should upgrade the affected component.
vuldb.com

CVE-2025-21766 | Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2 __ip_rt_update_pmtu information disclosure (Nessus ID 233595 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. It has been classified as problematic. Affected by this issue is the function __ip_rt_update_pmtu. Performing a manipulation results in information disclosure. This vulnerability is identified as CVE-2025-21766. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-21767 | Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc1 Function Call spinlock_rt.c migrate_disable entropy (Nessus ID 232678 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc1. This affects the function migrate_disable of the file kernel/locking/spinlock_rt.c of the component Function Call Handler. The manipulation results in insufficient entropy in prng. This vulnerability is identified as CVE-2025-21767. The attack can only be performed from the local network. There is not any exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-21762 | Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2 arp_xmit use after free (Nessus ID 233595 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. It has been classified as critical. Impacted is the function arp_xmit. Performing a manipulation results in use after free. This vulnerability is reported as CVE-2025-21762. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2025-21763 | Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2 neighbour __neigh_notify use after free (Nessus ID 233595 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability classified as critical was found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. The affected element is the function __neigh_notify of the component neighbour. Such manipulation leads to use after free. This vulnerability is referenced as CVE-2025-21763. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.
vuldb.com

CVE-2025-21764 | Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2 ndisc_alloc_skb use after free (Nessus ID 233595 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability labeled as critical has been found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. Affected is the function ndisc_alloc_skb. Such manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2025-21764. The attack can only be initiated within the local network. No exploit exists. The affected component should be upgraded.
vuldb.com

CVE-2025-21765 | Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2 ip6_default_advmss information disclosure (Nessus ID 233595 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. It has been declared as problematic. This affects the function ip6_default_advmss. Executing a manipulation can lead to information disclosure. This vulnerability is tracked as CVE-2025-21765. The attack is only possible within the local network. No exploit exists. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-21761 | Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2 openvswitch ovs_vport_cmd_fill_info use after free (Nessus ID 230858 / WID-SEC-2025-0453)

Vuldb Updates
2 months 2 weeks ago
A vulnerability identified as critical has been detected in Linux Kernel up to 6.1.128/6.6.78/6.12.15/6.13.3/6.14-rc2. Affected by this issue is the function ovs_vport_cmd_fill_info of the component openvswitch. Performing a manipulation results in use after free. This vulnerability is known as CVE-2025-21761. Access to the local network is required for this attack. No exploit is available. You should upgrade the affected component.
vuldb.com

Week in review: PoC for FortiSIEM flaw released, Rakuten Viber CISO/CTO on messaging risks

Help Net Security
2 months 2 weeks ago

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: What security teams can learn from torrent metadata Security teams often spend time sorting through logs and alerts that point to activity happening outside corporate networks. Torrent traffic shows up in investigations tied to policy violations, insider risk, and criminal activity. A new research paper looks at that same torrent activity through an open source intelligence lens and asks how … More →

The post Week in review: PoC for FortiSIEM flaw released, Rakuten Viber CISO/CTO on messaging risks appeared first on Help Net Security.

Help Net Security

【资料】认知战-北约首席科学家研究报告

丁爸情报分析师的工具箱
2 months 2 weeks ago
《认知战——北约首席科学家研究报告》详细阐述了北约在面对新兴技术与混合威胁时,如何通过科学技术(S&T)研究来应对认知战的挑战。报告涵盖了战略环境分析、北约的应对策略、STO(科学技术组织)的具体研究活动以及跨机构协作等内容。

Managed ad