Aggregator

一位高二学生开发的免费AI情感树洞应用FeelFlow上线iOS平台，用户可通过文字记录心情与思绪，AI分析情绪并生成温暖回应，还有情绪分析图、关键词云与分类统计功能。

A vulnerability classified as critical was found in Linux Kernel up to 6.12.41/6.15.9/6.16.0. Impacted is the function hci_discovery_filter_clear of the component Bluetooth. Such manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2025-38593. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.15.9/6.16.0. Affected by this issue is the function hci_devcd_dump of the component Bluetooth. The manipulation leads to out-of-bounds read. This vulnerability is referenced as CVE-2025-38592. The attack needs to be initiated within the local network. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.6.101/6.12.41/6.15.9/6.16.0. Affected by this vulnerability is the function __xfrm_policy_check of the component net. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2025-38590. Access to the local network is required for this attack to succeed. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.15.9/6.16.0. It has been rated as critical. This impacts the function neigh_flush_dev of the component IPv6 Module. This manipulation causes excessive iteration. This vulnerability appears as CVE-2025-38589. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.16.0. It has been rated as critical. Affected by this issue is the function convert_ctx_accesses of the component bpf. Performing manipulation results in denial of service. This vulnerability is reported as CVE-2025-38591. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is advised.

A vulnerability has been found in Linux Kernel up to 6.1.147/6.6.101/6.12.41/6.15.9/6.16.0 and classified as critical. Affected by this vulnerability is the function fib6_info_uses_dev of the component ipv6. This manipulation causes infinite loop. This vulnerability is tracked as CVE-2025-38587. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.1.147/6.6.101/6.12.41/6.15.9/6.16.0. It has been declared as critical. This vulnerability affects the function rt6_nlmsg_size of the component ipv6. Executing manipulation can lead to infinite loop. This vulnerability is registered as CVE-2025-38588. The attack requires access to the local network. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.41/6.15.9/6.16.0. Affected is the function find_used_callee_regs. The manipulation results in improper initialization. This vulnerability is identified as CVE-2025-38586. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.147/6.6.101/6.12.41/6.15.9/6.16.0. It has been classified as critical. This affects the function pll_post. Performing manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2025-38583. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.15.9/6.16.0. This affects the function padata_reorder. Executing manipulation can lead to improper update of reference count. This vulnerability appears as CVE-2025-38584. The attacker needs to be present on the local network. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.12.41/6.15.9/6.16.0. This affects the function gmin_get_var_int. The manipulation results in stack-based buffer overflow. This vulnerability is identified as CVE-2025-38585. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability described as problematic has been identified in Linux Kernel up to 6.12.41/6.15.9/6.16.0. This vulnerability affects the function free_mr_init of the component RDMA. The manipulation results in privilege escalation. This vulnerability was named CVE-2025-38582. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is recommended.

Юноши (62%) значительно чаще, чем девушки, проявляют агрессию в интернете.

黑猩猩是自然科学家。人类能面对矛盾证据时更新自身信念，这是所有科学研究的基础。黑猩猩也有类似的能力，能根据新证据的数量和质量更新自身信念。研究人员通过五项实验测试了生活在乌干达 Ngamba 岛黑猩猩自然保护区的 15-23 只黑猩猩，调查了它们根据不同证据修正决策的能力。研究发现，黑猩猩能综合考虑所有证据的相对强度进行决策。研究还发现，黑猩猩不仅对证据的类型敏感，而且对支持其选择的证据数量也很敏感。实验中黑猩猩在所有情况下做出理性选择的频率是做出非理性选择的两到三倍。这些发现表明，人类并非是唯一一种理性动物。

A vulnerability classified as critical has been found in Linux Kernel up to 6.17.2. This impacts an unknown function. Performing manipulation results in memory leak. This vulnerability was named CVE-2025-40069. The attack needs to be approached within the local network. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in Sapido RB-1802 1.0.32. It has been classified as problematic. Affected by this issue is some unknown functionality of the file urlfilter.asp of the component URL Filtering Page. Performing manipulation of the argument URL address results in cross site scripting. This vulnerability is identified as CVE-2025-7554. The attack can be initiated remotely. Additionally, an exploit exists.

Мозг поверил, что ему снова 10. И вспомнил всё без машины времени.

Вымогатели активно используют устаревшую уязвимость в Linux CVE-2024-1086 на не обновлённых серверах.

Поддельные банковские приложения уже орудуют в Польше, Чехии и России.