Aggregator

A vulnerability was found in Linux Kernel up to 6.17-rc2 and classified as critical. The affected element is the function hibnc_hw_init. The manipulation results in null pointer dereference. This vulnerability is known as CVE-2025-39772. Access to the local network is required for this attack. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.148/6.6.102/6.12.43/6.16.3 and classified as critical. Affected by this issue is the function btrfs_copy_root of the component btrfs. Performing a manipulation results in buffer overflow. This vulnerability is reported as CVE-2025-39800. The attacker must have access to the local network to execute the attack. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.16.1 and classified as critical. Affected by this vulnerability is the function blk_stack_limits of the component block. The manipulation results in buffer overflow. This vulnerability is identified as CVE-2025-39795. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.16.1. The affected element is an unknown function of the component NFS. This manipulation causes privilege escalation. This vulnerability is handled as CVE-2025-39798. The attack can only be done within the local network. There is not any exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.17-rc2. It has been classified as critical. The impacted element is the function destroy_args. This manipulation causes allocation of resources. This vulnerability is handled as CVE-2025-39776. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability classified as critical was found in Linux Kernel up to 6.17-rc2. This affects the function jbd2_log_do_checkpoint. The manipulation results in buffer overflow. This vulnerability is cataloged as CVE-2025-39782. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.16.3. It has been declared as critical. This vulnerability affects the function list_del of the component PCI. The manipulation of the argument epf_group results in use after free. This vulnerability is known as CVE-2025-39783. Access to the local network is required for this attack. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.16.3. This affects the function mdt_loader of the component soc. The manipulation results in buffer overflow. This vulnerability was named CVE-2025-39787. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 6.16.3. This vulnerability affects unknown code of the file drivers/ufs/host/ufs-exynos.c. Such manipulation leads to out-of-bounds read. This vulnerability is listed as CVE-2025-39788. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.16.6. It has been classified as critical. Affected is the function prctl. Performing a manipulation results in information disclosure. This vulnerability is known as CVE-2025-40300. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.

A vulnerability identified as critical has been detected in Linux Kernel up to 5.15.189/6.1.148/6.6.102/6.12.43/6.16.3. The affected element is the function xfer_cb. Performing a manipulation results in double free. This vulnerability was named CVE-2025-39790. The attack needs to be approached within the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.1.148/6.6.102/6.12.43/6.16.3/6.17-rc2. This issue affects the function IPV6_CSUM. Performing a manipulation results in state issue. This vulnerability is cataloged as CVE-2025-39770. The attack must originate from the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in NetApp SAN Host Utilities up to 7.x on Windows. This affects an unknown part of the component Installer. The manipulation results in improper privilege management. This vulnerability is known as CVE-2025-26513. Attacking locally is a requirement. No exploit is available. Upgrading the affected component is advised.

Authorities linked the 40-year-old to multiple crimes by tracing the email address he used for a cybercrime forum to the same account he used to apply for a U.S. visa in 2016.

The post Jordanian national pleads guilty after unknowingly selling FBI agent access to 50 company networks appeared first on CyberScoop.

Security has always moved in waves. Not because we suddenly get smarter, but because we learn from past mistakes, identify gaps, hit limits, need to protect new technologies, and then go and do our best to solve those new security challenges with the technologies at hand. The era of AI (let’s be clear, we have […]

The post How AI Impacts the Cyber Market and The Future of SIEM first appeared on Future of Tech and Security: Strategy & Innovation with Raffy.

The post How AI Impacts the Cyber Market and The Future of SIEM appeared first on Security Boulevard.

CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a variety of IP addresses.

A vulnerability marked as problematic has been reported in Apple macOS up to 10.15.3. The affected element is an unknown function of the component Intel Graphics Driver. Performing a manipulation results in information disclosure. This vulnerability is cataloged as CVE-2019-14615. The attack must be initiated from a local position. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Intel CPU. It has been classified as problematic. Affected by this vulnerability is an unknown functionality of the component Processor Graphics Handler. The manipulation leads to information disclosure. This vulnerability is referenced as CVE-2019-14615. The attack can only be performed from a local environment. No exploit is available.

A cross-site scripting (XSS) flaw in the web-based control panel used by operators of the StealC info-stealing malware allowed researchers to observe active sessions and gather intelligence on the attackers' hardware. [...]

A vulnerability described as problematic has been identified in DoubleWiki Extension up to 1.39.3 on MediaWiki. This affects an unknown part of the file includes/DoubleWiki.php of the component Column Alignment. Executing a manipulation can lead to cross site scripting. This vulnerability is tracked as CVE-2023-37304. The attack can be launched remotely. No exploit exists.