Aggregator
CVE-2024-53134 | Linux Kernel up to 6.6.62/6.11.9 pmdomain onecell_data.num_domains denial of service (8fc228ab5d38/201fb9e164a1/f7c7c5aa5563)
9 months ago
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.6.62/6.11.9. Affected by this issue is the function onecell_data.num_domains of the component pmdomain. The manipulation leads to denial of service.
This vulnerability is handled as CVE-2024-53134. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53138 | Linux Kernel up to 6.1.118/6.6.62/6.11.9 Page Refcount get_page null pointer dereference
9 months ago
A vulnerability classified as problematic was found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. Affected by this vulnerability is the function get_page of the component Page Refcount Handler. The manipulation leads to null pointer dereference.
This vulnerability is known as CVE-2024-53138. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53139 | Linux Kernel up to 6.6.62/6.11.9 net/core/dev.c sctp_v6_available use after free (ad975697211f/05656a665927/eb72e7fcc839)
9 months ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.6.62/6.11.9. Affected is the function sctp_v6_available of the file net/core/dev.c. The manipulation leads to use after free.
This vulnerability is traded as CVE-2024-53139. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
A Threat Actor is Claiming to Sell 400 Credit Cards from Turkey
9 months ago
A Threat Actor is Claiming to Sell 400 Credit Cards from Turkey
Dark Web Informer - Cyber Threat Intelligence
Veeam addressed critical Service Provider Console (VSPC) bug
9 months ago
Veeam addressed a critical vulnerability in Service Provider Console (VSPC) that could allow remote attackers to execute arbitrary code. Veeam released security updates for a critical vulnerability, tracked as CVE-2024-42448 (CVSS score of 9.9) impacting Service Provider Console. Successful exploitation of the flaw can potentially lead to remote code execution on vulnerable installs. Veeam Service […]
Pierluigi Paganini
The TechBeat: Introducing the Rootstock Hacktivator Program (12/4/2024)
9 months ago
The TechBeat: Introducing the Rootstock Hacktivator Program (12/4/2024)
CVE-2024-53131 | Linux Kernel up to 6.1.118/6.6.62/6.11.9 nilfs2 touch_buffer null pointer dereference
9 months ago
A vulnerability was found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. It has been rated as problematic. This issue affects the function touch_buffer of the component nilfs2. The manipulation leads to null pointer dereference.
The identification of this vulnerability is CVE-2024-53131. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53130 | Linux Kernel up to 6.1.118/6.6.62/6.11.9 mark_buffer_dirty null pointer dereference
9 months ago
A vulnerability was found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. It has been declared as problematic. This vulnerability affects the function mark_buffer_dirty. The manipulation leads to null pointer dereference.
This vulnerability was named CVE-2024-53130. The attack can only be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53129 | Linux Kernel up to 6.1.118/6.6.62/6.11.9 vop_plane_atomic_async_check null pointer dereference
9 months ago
A vulnerability was found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. It has been classified as critical. This affects the function vop_plane_atomic_async_check. The manipulation leads to null pointer dereference.
This vulnerability is uniquely identified as CVE-2024-53129. The attack needs to be approached within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53126 | Linux Kernel up to 6.6.62/6.11.9 solidrun psnet_open_pf_bar use after free (d372dd09cfbf/5bb287da2d2d/0b364cf53b20)
9 months ago
A vulnerability was found in Linux Kernel up to 6.6.62/6.11.9 and classified as critical. Affected by this issue is the function psnet_open_pf_bar of the component solidrun. The manipulation leads to use after free.
This vulnerability is handled as CVE-2024-53126. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53133 | Linux Kernel up to 6.11.9 AMD Display dc_state_copy_internal allocation of resources (874ff59cde8f/6825cb07b79f)
9 months ago
A vulnerability has been found in Linux Kernel up to 6.11.9 and classified as critical. Affected by this vulnerability is the function dc_state_copy_internal of the component AMD Display. The manipulation leads to allocation of resources.
This vulnerability is known as CVE-2024-53133. Access to the local network is required for this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53132 | Linux Kernel up to 6.11.9 Privilege Escalation (ed7cd3510d8d/c0403e4ceeca)
9 months ago
A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.11.9. Affected is an unknown function. The manipulation leads to Privilege Escalation.
This vulnerability is traded as CVE-2024-53132. The attack needs to be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53125 | Linux Kernel up to 6.11.5 sync_linked_regs random values (e2ef0f317a52/e9bd9c498cb0)
9 months ago
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.11.5. This issue affects the function sync_linked_regs. The manipulation leads to insufficiently random values.
The identification of this vulnerability is CVE-2024-53125. The attack needs to be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53135 | Linux Kernel up to 6.1.118/6.6.62/6.11.9 VMX information disclosure
9 months ago
A vulnerability classified as problematic was found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. This vulnerability affects unknown code of the component VMX. The manipulation leads to information disclosure.
This vulnerability was named CVE-2024-53135. The attack can only be initiated within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-53127 | Linux Kernel up to 6.1.118/6.6.62/6.11.9 dw_mmc buffer overflow
9 months ago
A vulnerability classified as critical has been found in Linux Kernel up to 6.1.118/6.6.62/6.11.9. This affects an unknown part of the component dw_mmc. The manipulation leads to buffer overflow.
This vulnerability is uniquely identified as CVE-2024-53127. The attack can only be done within the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
俄罗斯法庭判处暗网市场 Hydra 负责人终身监禁
9 months ago
俄罗斯法庭罕见的重刑判处了该国的网络罪犯。Stanislav Moiseyev 被认为是俄罗斯暗网市场 Hydra 的负责人,Hydra 的基础设施于 2022 年被德国警方查封,被关闭前它是最大的网络犯罪论坛,客户多达 1700 万,交易量达到了 50 亿美元。Moiseyev 被判处终身监禁和 400 万卢布罚款,其他 15 名共犯分别被判处 8-23 年徒刑,以及总计 1600 万卢布的罚款。俄罗斯还同一时间逮捕了与 Babuk、Conti、DarkSide、Hive 和 LockBit 等勒索软件组织有关联的通缉犯 Mikhail Matveyev。美国国务院在 2023 年宣布为提供线索逮捕 Matveyev 的人提供高达 1000 万美元的赏金。
Six password takeaways from the updated NIST cybersecurity framework
9 months ago
Updated NIST guidelines reject outdated password security practices in favor of more effective protections. Learn from Specops Software about 6 takeaways from NIST's new guidance that help create strong password policies. [...]
Sponsored by Specops Software
Navigating the Changing Landscape of Cybersecurity Regulations
9 months ago
The evolving regulatory environment presents both challenges and opportunities for businesses.
Michael McLaughlin
华为 Mate 70 Pro+ 影像体验:意料之外,却也情理之中的「本色」表达
9 months ago
华为 Mate 70 Pro+ 影像体验:意料之外,却也情理之中的「本色」表达