Aggregator

CVE-2025-21874 | Linux Kernel up to 6.12.17/6.13.5 dm-integrity journal_sectors divide by zero (Nessus ID 236983 / WID-SEC-2025-0649)

Vuldb Updates
1 week 3 days ago
A vulnerability was found in Linux Kernel up to 6.12.17/6.13.5. It has been declared as problematic. This affects the function journal_sectors of the component dm-integrity. The manipulation results in divide by zero. This vulnerability is known as CVE-2025-21874. Access to the local network is required for this attack. No exploit is available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-21873 | Linux Kernel up to 6.6.80/6.12.17/6.13.5 bsg_transport_sg_io_fn denial of service (Nessus ID 236983 / WID-SEC-2025-0649)

Vuldb Updates
1 week 3 days ago
A vulnerability was found in Linux Kernel up to 6.6.80/6.12.17/6.13.5 and classified as critical. The affected element is the function bsg_transport_sg_io_fn. Executing manipulation can lead to denial of service. This vulnerability appears as CVE-2025-21873. The attacker needs to be present on the local network. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-21876 | Linux Kernel up to 6.12.17/6.13.5 vt-d enable_drhd_fault_handling deadlock (Nessus ID 236983 / WID-SEC-2025-0649)

Vuldb Updates
1 week 3 days ago
A vulnerability classified as critical was found in Linux Kernel up to 6.12.17/6.13.5. This affects the function enable_drhd_fault_handling of the component vt-d. The manipulation results in deadlock. This vulnerability is cataloged as CVE-2025-21876. The attack must be initiated from a local position. There is no exploit available. Upgrading the affected component is advised.
vuldb.com

CVE-2025-21872 | Linux Kernel up to 5.10.234/6.6.82/6.12.17/6.13.5 mm/early_ioremap.c early_memmap iteration (Nessus ID 236983 / WID-SEC-2025-0649)

Vuldb Updates
1 week 3 days ago
A vulnerability classified as problematic has been found in Linux Kernel up to 5.10.234/6.6.82/6.12.17/6.13.5. Affected by this issue is the function early_memmap of the file mm/early_ioremap.c. The manipulation leads to excessive iteration. This vulnerability is listed as CVE-2025-21872. The attack must be carried out from within the local network. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-43556 | Microsoft Windows up to Server 2022 23H2 Graphics use after free

Vuldb Updates
1 week 3 days ago
A vulnerability was found in Microsoft Windows. It has been declared as critical. The impacted element is an unknown function of the component Graphics. The manipulation results in use after free. This vulnerability is identified as CVE-2024-43556. The attack is only possible with local access. There is not any exploit available. It is best practice to apply a patch to resolve this issue.
vuldb.com

Your Enterprise LAN Security Is a Problem—Nile Can Fix It

Security Boulevard
1 week 3 days ago

For decades, the Local Area Network (LAN) has been the neglected, insecure backyard of the enterprise. While we’ve poured money and talent into fortifying our data centers and cloud environments, the LAN has remained a tangled mess of implicit trust, complicated IPAM spreadsheets, and security appliances bolted on like afterthoughts. It’s the place where “plug..

The post Your Enterprise LAN Security Is a Problem—Nile Can Fix It appeared first on Security Boulevard.

Tom Hollingsworth

Veeam Sets Data Graph Course Following Acquisition of Securiti AI

Security Boulevard
1 week 3 days ago

Veeam Software plans to expand the scope of its offerings into the realm of data security posture management (DSPM) following the closing of a $1.725 billion acquisition of Securiti AI. Securiti AI developed a DSPM platform based on a knowledge graph that makes it possible to track the relationships between various data sets and then..

The post Veeam Sets Data Graph Course Following Acquisition of Securiti AI appeared first on Security Boulevard.

Michael Vizard

CVE-2025-40096 | Linux Kernel up to 6.1.157/6.6.113/6.12.54/6.17.4/6.18-rc1 drm_sched_job_add_dependency double free (WID-SEC-2025-2450)

Vuldb Updates
1 week 3 days ago
A vulnerability marked as critical has been reported in Linux Kernel up to 6.1.157/6.6.113/6.12.54/6.17.4/6.18-rc1. Affected by this issue is the function drm_sched_job_add_dependency. The manipulation leads to double free. This vulnerability is documented as CVE-2025-40096. The attack requires being on the local network. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-40094 | Linux Kernel up to 5.15.195/6.1.157/6.6.113/6.12.54/6.17.4 usb __free null pointer dereference (WID-SEC-2025-2450)

Vuldb Updates
1 week 3 days ago
A vulnerability has been found in Linux Kernel up to 5.15.195/6.1.157/6.6.113/6.12.54/6.17.4 and classified as critical. The impacted element is the function __free of the component usb. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-40094. The attack can only be initiated within the local network. No exploit exists. The affected component should be upgraded.
vuldb.com

CVE-2025-40095 | Linux Kernel up to 6.1.157/6.6.113/6.12.54/6.17.4 usb __free null pointer dereference (WID-SEC-2025-2450)

Vuldb Updates
1 week 3 days ago
A vulnerability was found in Linux Kernel up to 6.1.157/6.6.113/6.12.54/6.17.4 and classified as critical. This affects the function __free of the component usb. The manipulation results in null pointer dereference. This vulnerability was named CVE-2025-40095. The attack needs to be approached within the local network. There is no available exploit. It is suggested to upgrade the affected component.
vuldb.com

CVE-2025-40093 | Linux Kernel up to 6.1.157/6.6.113/6.12.54/6.17.4 usb __free null pointer dereference (WID-SEC-2025-2450)

Vuldb Updates
1 week 3 days ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.157/6.6.113/6.12.54/6.17.4. The affected element is the function __free of the component usb. Executing manipulation can lead to null pointer dereference. This vulnerability is handled as CVE-2025-40093. The attack can only be done within the local network. There is not any exploit available. You should upgrade the affected component.
vuldb.com

Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks

The Hackers News
1 week 3 days ago
The open-source command-and-control (C2) framework known as AdaptixC2 is being used by a growing number of threat actors, some of whom are related to Russian ransomware gangs. AdaptixC2 is an emerging extensible post-exploitation and adversarial emulation framework designed for penetration testing. While the server component is written in Golang, the GUI Client is written in C++ QT for
The Hacker News

RediShell RCE Vulnerability Exposes 8,500+ Redis Instances to Code Execution Attacks

Cyber Security News
1 week 3 days ago

The cybersecurity landscape faced a critical threat in early October 2025 with the public disclosure of RediShell, a severe use-after-free vulnerability in Redis’s Lua scripting engine. Identified as CVE-2025-49844 and dubbed “RediShell” by Wiz researchers, this flaw enables attackers to escape the Lua sandbox restrictions and achieve host-level remote code execution on vulnerable systems. The […]

The post RediShell RCE Vulnerability Exposes 8,500+ Redis Instances to Code Execution Attacks appeared first on Cyber Security News.

Tushar Subhra Dutta

Managed ad