Aggregator

CVE-2025-68238 | Linux Kernel up to 6.17.9 mtd dma_dev null pointer dereference (WID-SEC-2025-2868)

Vuldb Updates
2 months 2 weeks ago
A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.17.9. This affects the function dma_dev of the component mtd. Executing a manipulation can lead to null pointer dereference. This vulnerability appears as CVE-2025-68238. The attacker needs to be present on the local network. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2025-68236 | Linux Kernel up to 6.17.9 scsi Power_Condition initialization (WID-SEC-2025-2868)

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.17.9. It has been declared as critical. This affects the function Power_Condition of the component scsi. Such manipulation leads to improper initialization. This vulnerability is traded as CVE-2025-68236. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-23885 | AlchemyCMS alchemy_cms up to 7.4.11/8.0.2 resources_helper.rb eval eval injection (GHSA-2762-657x-v979 / EUVD-2026-3281)

Vuldb Updates
2 months 2 weeks ago
A vulnerability was found in AlchemyCMS alchemy_cms up to 7.4.11/8.0.2. It has been classified as problematic. Affected is the function eval of the file app/helpers/alchemy/resources_helper.rb. This manipulation causes improper neutralization of directives in dynamically evaluated code. This vulnerability is tracked as CVE-2026-23885. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2026-23886 | swift-otel swift-w3c-trace-context up to 1.0.3 OpenTelemetry Protocol denial of service (GHSA-mvpq-2v8x-ww6g / EUVD-2026-3282)

Vuldb Updates
2 months 2 weeks ago
A vulnerability classified as problematic was found in swift-otel swift-w3c-trace-context up to 1.0.3. This affects an unknown function of the component OpenTelemetry Protocol. Executing a manipulation can lead to denial of service. This vulnerability is handled as CVE-2026-23886. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2026-23880 | HackUCF OnboardLite input validation (GHSA-93w8-83cg-h89g / EUVD-2026-3283)

Vuldb Updates
2 months 2 weeks ago
A vulnerability has been found in HackUCF OnboardLite and classified as problematic. Affected by this vulnerability is an unknown functionality. This manipulation causes improper input validation. The identification of this vulnerability is CVE-2026-23880. It is possible to initiate the attack remotely. There is no exploit available. Applying a patch is the recommended action to fix this issue.
vuldb.com

CVE-2026-23877 | swingmx swingmusic up to 2.1.3 /folder/dir-browser list_folders path traversal (GHSA-pj88-9xww-gxmh / EUVD-2026-3284)

Vuldb Updates
2 months 2 weeks ago
A vulnerability marked as problematic has been reported in swingmx swingmusic up to 2.1.3. This affects the function list_folders of the file /folder/dir-browser. Performing a manipulation results in path traversal: '/../filedir'. This vulnerability is reported as CVE-2026-23877. The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.
vuldb.com

Qilin

Dark Feed IO
2 months 2 weeks ago

You must login to view this content

cohenido

Ransomware 'Most Wanted': Cops Seek Head of Black Basta

DataBreachToday.com
2 months 2 weeks ago
Crackdown Targets Multiple Members of Cybercrime Group, Including 'Hash Crackers'
Police raided two suspected members of the notorious Black Basta ransomware group - tied to over 600 victims worldwide and many millions in ransom payments - in Ukraine and issued an international arrest warrant for the Russian national suspected of being the operation's founder and ringleader.

Managed ad