Aggregator

Вы думаете, что открываете дверь к прибыли, но на деле – к собственному взлому

Ученые наконец поймали частицу между двумя мирами.

A vulnerability was found in Checkmk up to 2.1.0p50/2.2.0p39/2.3.0p26. It has been classified as problematic. This affects an unknown part. The manipulation leads to sensitive information in log files. This vulnerability is uniquely identified as CVE-2025-1075. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Checkmk up to 2.1.0p50/2.2.0p39/2.3.0p26. It has been classified as problematic. This affects an unknown part. The manipulation leads to sensitive information in log files. This vulnerability is uniquely identified as CVE-2025-1075. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Linux Kernel up to 4.14.237/4.19.195/5.4.127/5.10.45/5.12.12. It has been declared as problematic. This vulnerability affects the function dst_clone in the library include/net/dst.h of the component bridge. The manipulation leads to use after free. This vulnerability was named CVE-2021-47222. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.10/6.12.1 and classified as critical. Affected by this issue is the function bnxt_set_rx_skb_mode. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-53209. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.63/6.11.10/6.12.1 and classified as critical. This issue affects the function open_cached_dir of the component smb. The manipulation leads to use after free. The identification of this vulnerability is CVE-2024-53177. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.6.63/6.11.10/6.12.1. Affected is the function bfq_limit_depth. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-53166. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Всего один неверный клик – и ваш пароль улетает в Гонконг.

96%安全专家认可的AI安全神器！Semgrep Assistant让代码误报率直降40%。 Semgrep推出AI安全助手功能，通过智能降噪和自动分析记忆功能，帮助开发者减少40%重复性安全告警处理工作。

96%安全专家认可的AI安全神器！Semgrep Assistant让代码误报率直降40%。 Semgrep推出AI安全助手功能，通过智能降噪和自动分析记忆功能，帮助开发者减少40%重复性安全告警处理工作。