Aggregator

CVE-2024-50292 | Linux Kernel up to 5.10.229/5.15.171/6.1.116/6.6.60/6.11.7 stm32_spdifrx_remove null pointer dereference (Nessus ID 211777 / WID-SEC-2024-3497)

Vuldb Updates
8 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.10.229/5.15.171/6.1.116/6.6.60/6.11.7. This vulnerability affects the function stm32_spdifrx_remove. Executing manipulation can lead to null pointer dereference. This vulnerability is tracked as CVE-2024-50292. The attack is only possible within the local network. No exploit exists. You should upgrade the affected component.
vuldb.com

CVE-2024-50299 | Linux Kernel up to 6.11.7 sctp_sf_ootb state issue (Nessus ID 211777 / WID-SEC-2024-3497)

Vuldb Updates
8 months 2 weeks ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.11.7. This impacts the function sctp_sf_ootb. Executing manipulation can lead to state issue. This vulnerability appears as CVE-2024-50299. The attacker needs to be present on the local network. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-50301 | Linux Kernel up to 6.11.7 search_nested_keyrings out-of-bounds (Nessus ID 211777 / WID-SEC-2024-3497)

Vuldb Updates
8 months 2 weeks ago
A vulnerability labeled as problematic has been found in Linux Kernel up to 6.11.7. This affects the function search_nested_keyrings. Executing manipulation can lead to out-of-bounds read. This vulnerability is handled as CVE-2024-50301. The attack can only be done within the local network. There is not any exploit available. The affected component should be upgraded.
vuldb.com

CVE-2024-53042 | Linux Kernel up to 6.11.6 ipv4 net/core/dev.c ip_tunnel_init_flow stack-based overflow (Nessus ID 211777 / WID-SEC-2024-3509)

Vuldb Updates
8 months 2 weeks ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.11.6. Impacted is the function ip_tunnel_init_flow of the file net/core/dev.c of the component ipv4. Such manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2024-53042. Access to the local network is required for this attack to succeed. There is no exploit available. You should upgrade the affected component.
vuldb.com

Splunk Enterprise Flaws Allow Attackers to Run Unauthorized JavaScript Code

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
8 months 2 weeks ago

Splunk released security advisories addressing multiple vulnerabilities affecting various versions of Splunk Enterprise and Splunk Cloud Platform. The flaws range from cross-site scripting (XSS) vulnerabilities to access control bypasses, with CVSS scores ranging from 4.6 to 7.5. Critical Vulnerabilities Identified The security advisories reveal six distinct vulnerabilities that primarily affect Splunk Web components. Two cross-site […]

The post Splunk Enterprise Flaws Allow Attackers to Run Unauthorized JavaScript Code appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2024-50281 | Linux Kernel up to 6.11.7 dcp null pointer dereference (c75e0272289e/04de7589e0a9 / Nessus ID 216493)

Vuldb Updates
8 months 2 weeks ago
A vulnerability marked as critical has been reported in Linux Kernel up to 6.11.7. Affected by this vulnerability is an unknown functionality of the component dcp. The manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2024-50281. The attack needs to be initiated within the local network. No exploit is available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2024-50271 | Linux Kernel up to 6.1.116/6.6.60/6.11.7 Signal inc_rlimit_get_ucounts comparison (Nessus ID 211777 / WID-SEC-2024-3497)

Vuldb Updates
8 months 2 weeks ago
A vulnerability labeled as problematic has been found in Linux Kernel up to 6.1.116/6.6.60/6.11.7. Affected is the function inc_rlimit_get_ucounts of the component Signal Handler. Executing manipulation can lead to incorrect comparison. The identification of this vulnerability is CVE-2024-50271. The attack needs to be done within the local network. There is no exploit available. The affected component should be upgraded.
vuldb.com

CVE-2024-50279 | Linux Kernel up to 6.11.7 dm cache cache_preresume out-of-bounds (Nessus ID 211777 / WID-SEC-2024-3497)

Vuldb Updates
8 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.11.7. This issue affects the function cache_preresume of the component dm cache. Performing manipulation results in out-of-bounds read. This vulnerability is cataloged as CVE-2024-50279. The attack must originate from the local network. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2024-50278 | Linux Kernel up to 6.11.7 dm cache cache_create out-of-bounds (Nessus ID 211777 / WID-SEC-2024-3497)

Vuldb Updates
8 months 2 weeks ago
A vulnerability classified as problematic has been found in Linux Kernel up to 6.11.7. Impacted is the function cache_create of the component dm cache. Performing manipulation results in out-of-bounds read. This vulnerability is identified as CVE-2024-50278. The attack can only be performed from the local network. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-50284 | Linux Kernel up to 6.1.116/6.3/6.6.60/6.11.7 ksmbd xa_store allocation of resources (Nessus ID 211777 / WID-SEC-2024-3497)

Vuldb Updates
8 months 2 weeks ago
A vulnerability described as problematic has been identified in Linux Kernel up to 6.1.116/6.3/6.6.60/6.11.7. Affected is the function xa_store of the component ksmbd. The manipulation results in allocation of resources. This vulnerability was named CVE-2024-50284. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is recommended.
vuldb.com

CVE-2024-50287 | Linux Kernel up to 6.11.7 tpg_precalculate_line divide by zero (Nessus ID 211777 / WID-SEC-2024-3497)

Vuldb Updates
8 months 2 weeks ago
A vulnerability classified as problematic was found in Linux Kernel up to 6.11.7. Affected by this issue is the function tpg_precalculate_line. Such manipulation leads to divide by zero. This vulnerability is referenced as CVE-2024-50287. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.
vuldb.com

CVE-2024-50290 | Linux Kernel up to 6.11.7 cx24116 buffer overflow (Nessus ID 211777 / WID-SEC-2024-3497)

Vuldb Updates
8 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.11.7. It has been declared as critical. The impacted element is an unknown function of the component cx24116. Such manipulation leads to buffer overflow. This vulnerability is documented as CVE-2024-50290. The attack requires being on the local network. There is not any exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-50266 | Linux Kernel up to 6.11.7 clk-branch.c denial of service (d055f6f2bdfb/f903663a8dcd / Nessus ID 216493)

Vuldb Updates
8 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.11.7. It has been classified as critical. This affects an unknown function of the file drivers/clk/qcom/clk-branch.c. This manipulation causes denial of service. This vulnerability appears as CVE-2024-50266. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is recommended.
vuldb.com

CVE-2024-50265 | Linux Kernel up to 6.11.7 ocfs2_xa_remove null pointer dereference (Nessus ID 211777 / WID-SEC-2024-3497)

Vuldb Updates
8 months 2 weeks ago
A vulnerability was found in Linux Kernel up to 6.11.7. It has been rated as critical. Affected is the function ocfs2_xa_remove. Performing manipulation results in null pointer dereference. This vulnerability is known as CVE-2024-50265. Access to the local network is required for this attack. No exploit is available. Upgrading the affected component is advised.
vuldb.com

The energy sector is ground zero for global cyber activity

Help Net Security
8 months 2 weeks ago

A new study from the Karlsruhe Institute of Technology shows how geopolitical tensions shape cyberattacks on power grids, fuel systems, and other critical infrastructure. How the research was done Researchers reviewed major cyber threat databases including MITRE ATT&CK Groups, CSIS, ThaiCERT, Malpedia, EuRepoC, and the AI Incident Database. Each source reports information differently. Some use structured formats like JSON or tables that are easy to analyze. Others rely on long descriptive text that is harder … More →

The post The energy sector is ground zero for global cyber activity appeared first on Help Net Security.

Sinisa Markovic

Shutdown Snares Federal Cybersecurity Personnel

DataBreachToday.com
8 months 2 weeks ago
US Cyber Defense Agency Faces 65% Furlough Rate Amid Federal Shutdown
The U.S. federal government shutdown has slashed staff at the nation's cyber defense agency and other key cyber entities, freezing daily operations, stalling grants and weakening threat coordination as state and local systems brace for lapses in federal support.

Google Drive Desktop Gets AI-Powered Ransomware Detection to Block Cyberattacks

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
8 months 2 weeks ago

Google has unveiled a groundbreaking AI-powered ransomware detection system for its Drive desktop application, representing a significant advancement in cybersecurity protection for organizations worldwide. This innovative feature automatically halts file synchronization when malicious encryption attempts are detected, preventing widespread data corruption across enterprise networks. Google Drive desktop ransomware detection alert with file syncing paused and […]

The post Google Drive Desktop Gets AI-Powered Ransomware Detection to Block Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Gunra

Dark Feed IO
8 months 2 weeks ago

You must login to view this content

cohenido

Managed ad