Aggregator

X Chat обещает приватность, которой никогда не было у конкурентов.

The Australian Signals Directorate (ASD) has issued a bulletin about ongoing cyber attacks targeting unpatched Cisco IOS XE devices in the country with a previously undocumented implant known as BADCANDY. The activity, per the intelligence agency, involves the exploitation of CVE-2023-20198 (CVSS score: 10.0), a critical vulnerability that allows a remote, unauthenticated attacker to create an

Anthropic признала процессуальную ошибку только после публичного скандала с отчётом безопасности.

新冠疫情爆发后，各国采取了封锁、社交距离和旅行限制等公共卫生措施，旨在通过避免密切接触减少病毒传播。根据发表在《科学》期刊上的一项研究，人类并非是唯一一种改变空间环境以降低疫情风险的动物。黑花园蚁（Lasius niger）会改变巢穴结构减缓疫情爆发——相当于昆虫版的社交隔离。研究人员首先观察了两组蚂蚁挖掘巢穴，然后让其中一组暴露在绿僵菌（Metarhizium brunneum）孢子中，利用 micro-CT 扫描巢穴在之后数天内的结构变化。研究团队发现，暴露在绿僵菌孢子的蚂蚁巢穴入口平均距离增加了约 6 毫米，在偏僻地方建造了更长更曲折的巢室，蚂蚁甚至挖掘了多条隧道，可能是为了避免接触而设置的替代运输路线。

A vulnerability has been found in Linux Kernel up to 6.1.147/6.6.101/6.12.41/6.15.9/6.16.0 and classified as critical. This vulnerability affects the function rtl8187_stop. Performing manipulation results in null pointer dereference. This vulnerability is identified as CVE-2025-38604. The attack can only be performed from the local network. There is not any exploit available. The affected component should be upgraded.

This appears to be a false positive. Please validate the mentioned sources and consider excluding this entry altogether.

A vulnerability was found in Linux Kernel up to 6.1.147/6.6.101/6.12.41/6.15.9/6.16.0. It has been classified as problematic. Impacted is the function alloc_ordered_workqueue of the component iwlwifi. The manipulation leads to unchecked return value. This vulnerability is listed as CVE-2025-38602. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability described as critical has been identified in Linux Kernel up to 6.1.147/6.6.101/6.12.41/6.15.9/6.16.0. Affected by this issue is the function ath11k_hal_dump_srng_stats. The manipulation results in denial of service. This vulnerability is known as CVE-2025-38601. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is recommended.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.15.9/6.16.0. Affected is the function mt7996_tx of the component wifi. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2025-38599. The attack can only be initiated within the local network. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.16.0. Affected by this vulnerability is the function mt7925_mcu_hw_scan of the component wifi. The manipulation of the argument ssids[] results in off-by-one. This vulnerability was named CVE-2025-38600. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.15.9/6.16.0. The affected element is the function drm_crtc_init_with_planes. This manipulation causes null pointer dereference. This vulnerability appears as CVE-2025-38597. The attacker needs to be present on the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.16.0. This impacts the function amdgpu_userq_suspend. Performing manipulation results in use after free. This vulnerability is reported as CVE-2025-38598. The attacker must have access to the local network to execute the attack. No exploit exists. You should upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.16.0. Impacted is the function panthor_gem_create_with_handle. The manipulation results in improper initialization. This vulnerability is reported as CVE-2025-38596. The attacker must have access to the local network to execute the attack. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.41/6.15.9/6.16.0. This vulnerability affects the function dmabuf_exp_from_pages of the component xen. This manipulation causes use after free. This vulnerability is tracked as CVE-2025-38595. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.16.0 and classified as critical. This affects the function intel_pasid_tear_down_entry in the library lib/refcount.c. The manipulation leads to use after free. This vulnerability is listed as CVE-2025-38594. The attack must be carried out from within the local network. There is no available exploit. The affected component should be upgraded.

一位高二学生开发的免费AI情感树洞应用FeelFlow上线iOS平台，用户可通过文字记录心情与思绪，AI分析情绪并生成温暖回应，还有情绪分析图、关键词云与分类统计功能。

A vulnerability classified as critical was found in Linux Kernel up to 6.12.41/6.15.9/6.16.0. Impacted is the function hci_discovery_filter_clear of the component Bluetooth. Such manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2025-38593. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.15.9/6.16.0. Affected by this issue is the function hci_devcd_dump of the component Bluetooth. The manipulation leads to out-of-bounds read. This vulnerability is referenced as CVE-2025-38592. The attack needs to be initiated within the local network. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.6.101/6.12.41/6.15.9/6.16.0. Affected by this vulnerability is the function __xfrm_policy_check of the component net. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2025-38590. Access to the local network is required for this attack to succeed. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15.9/6.16.0. It has been rated as critical. This impacts the function neigh_flush_dev of the component IPv6 Module. This manipulation causes excessive iteration. This vulnerability appears as CVE-2025-38589. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.