Aggregator

Submit #412491 / VDB-278825

10.23现场见

看雪论坛作者ID：method

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.9.3. This affects the function dctcp_update_alpha of the component tcp. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2024-37356. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.8.5. Affected is the function dg_dispatch_as_host of the file drivers/misc/vmw_vmci/vmci_datagram.c of the component VMCI. The manipulation leads to Privilege Escalation. This vulnerability is traded as CVE-2024-35944. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.163/6.1.100/6.6.41/6.9.10. Affected is an unknown function of the component radeon. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-41060. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.161/6.1.94/6.6.34/6.9.5. It has been classified as critical. Affected is the function rdev_get_station of the component cfg80211. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-40911. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.95/6.6.35/6.9.6. It has been rated as critical. Affected by this issue is the function reset_work of the component mt7921s. The manipulation leads to deadlock. This vulnerability is handled as CVE-2024-40977. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was suspected in Linux Kernel up to 6.1.97/6.1.98/6.6.38/6.6.39/6.9.8. This issue was flagged as a false-positive. Please consult the sources mentioned and consider not using this entry at all.

A vulnerability was found in Webyapar. It has been rated as critical. This issue affects some unknown processing. The manipulation of the argument id leads to sql injection. The identification of this vulnerability is CVE-2007-4068. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Optergy Proton and Enterprise. It has been declared as very critical. This vulnerability affects unknown code of the component Console. The manipulation leads to command injection. This vulnerability was named CVE-2019-7276. The attack can be initiated remotely. Furthermore, there is an exploit available.

三周年庆典活动视频回顾请访问CSDN、稀士掘金微信公众号。

A vulnerability classified as very critical has been found in Oracle Retail Clearance Optimization Engine 13.4. This affects an unknown part of the component Dataset Component. The manipulation leads to deserialization. This vulnerability is uniquely identified as CVE-2016-5019. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.2 and classified as critical. Affected by this issue is the function smc_rreg of the component amdgpu. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2023-52817. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.4.138/5.10.56/5.13.5. This issue affects the function for_each_acpi_dev_match of the component ACPI. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2021-47289. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.10.221/5.15.162/6.1.97/6.6.38/6.9.8. Affected by this issue is some unknown functionality. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2024-42131. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

淘宝已支持微信支付9 月 27 日淘宝正式宣布，淘宝已支持支付宝、微信支付等多种支付方式，更新 APP 至最新版即可体验。从具体展示的页面看，消费者在完成商品选购后，在支付页面选择「微信支付」，即可完

Суд может приговорить британца к десяткам лет тюремного заключения.

США обвиняют хакеров из Ирана в попытке повлиять на выборы 2024 года.

Please fill out the form to read this article*** This is a Security Blogge