Aggregator
CVE-2025-21694 | Linux Kernel up to 6.12.10 cond_resched denial of service
5 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.10. Affected is the function cond_resched. The manipulation leads to denial of service.
This vulnerability is traded as CVE-2025-21694. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-21696 | Linux Kernel up to 6.12.10 mm mremap state issue
5 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.10. This issue affects the function mremap of the component mm. The manipulation leads to state issue.
The identification of this vulnerability is CVE-2025-21696. The attack can only be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-21699 | Linux Kernel up to 6.13.0 gfs2 buffer overflow
5 months 2 weeks ago
A vulnerability classified as critical was found in Linux Kernel up to 6.13.0. This vulnerability affects unknown code of the component gfs2. The manipulation leads to buffer overflow.
This vulnerability was named CVE-2025-21699. The attack needs to be approached within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-21697 | Linux Kernel up to 6.12.10 v3d Privilege Escalation
5 months 2 weeks ago
A vulnerability classified as problematic has been found in Linux Kernel up to 6.12.10. This affects an unknown part of the component v3d. The manipulation leads to Privilege Escalation.
This vulnerability is uniquely identified as CVE-2025-21697. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-21698 | Linux Kernel up to 6.13.0 u_serial denial of service
5 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.13.0. It has been rated as critical. Affected by this issue is some unknown functionality of the component u_serial. The manipulation leads to denial of service.
This vulnerability is handled as CVE-2025-21698. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-57952 | Linux Kernel up to 6.12.11/6.13.0 libfs offset_readdir comparison
5 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.12.11/6.13.0. It has been declared as problematic. Affected by this vulnerability is the function offset_readdir of the component libfs. The manipulation leads to incorrect comparison.
This vulnerability is known as CVE-2024-57952. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2025-21695 | Linux Kernel up to 6.12.10 dell-uart-backlight dell_uart_bl_serdev_probe null pointer dereference
5 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.12.10. It has been classified as critical. Affected is the function dell_uart_bl_serdev_probe of the component dell-uart-backlight. The manipulation leads to null pointer dereference.
This vulnerability is traded as CVE-2025-21695. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-57951 | Linux Kernel up to 6.12.10 hrtimers_prepare_cpu state issue
5 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.12.10 and classified as problematic. This issue affects the function hrtimers_prepare_cpu. The manipulation leads to state issue.
The identification of this vulnerability is CVE-2024-57951. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Netwrix simplifies managing vendor and third-party access
5 months 2 weeks ago
Netwrix released the new component of Netwrix Privilege Secure, which simplifies secure remote access for distributed workforces and third-party vendors. The new add-on reduces the attack surface by eliminating traditional VPN dependencies through granular, identity-based access control. It enables employees to access critical systems securely from any location, grants just-in-time privileges to reduce risks, and simplifies managing vendor and third-party access with temporary, controlled permissions. “As more organizations adopt Zero Trust Architecture, securing remote access has … More →
The post Netwrix simplifies managing vendor and third-party access appeared first on Help Net Security.
Industry News
Akira
5 months 2 weeks ago
cohenido
Defying tunneling: A Wicked approach to detecting malicious network traffic
5 months 2 weeks ago
Follow the yellow brick tunnel for malware analysis of RATs and worms and spyware, oh my! Read our deep dive on network tunneling.
Tony Lambert
RansomHub
5 months 2 weeks ago
cohenido
RansomHub
5 months 2 weeks ago
cohenido
RansomHub
5 months 2 weeks ago
cohenido
RansomHub
5 months 2 weeks ago
cohenido
RansomHub
5 months 2 weeks ago
cohenido
RansomHub
5 months 2 weeks ago
cohenido
RansomHub
5 months 2 weeks ago
cohenido
Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability
5 months 2 weeks ago
Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container's isolation protections and gain complete access to the underlying host.
The new vulnerability is being tracked as CVE-2025-23359 (CVSS score: 8.3). It affects the following versions -
NVIDIA Container Toolkit (All
The Hacker News