Aggregator

A vulnerability was found in Linux Kernel up to 6.11.6. It has been declared as critical. Impacted is the function hdcp2_get_capability. The manipulation results in null pointer dereference. This vulnerability is reported as CVE-2024-53050. The attacker must have access to the local network to execute the attack. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability identified as problematic has been detected in Linux Kernel up to 6.11.7. Impacted is the function kmalloc of the component slab. This manipulation causes state issue. This vulnerability is handled as CVE-2024-53065. The attack can only be done within the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability described as problematic has been identified in Linux Kernel up to 6.11.7. Affected by this vulnerability is the function frequency_range_store of the file drivers/media/pci/mgb4/mgb4_cmt.c. The manipulation results in information disclosure. This vulnerability was named CVE-2024-53062. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.11.6. It has been rated as critical. The affected element is the function intel_hdcp_get_capability of the component hdcp. This manipulation causes null pointer dereference. This vulnerability appears as CVE-2024-53051. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.11.6. This affects the function mtk_crtc_destroy of the component mediatek. Performing manipulation results in null pointer dereference. This vulnerability is known as CVE-2024-53056. Access to the local network is required for this attack. No exploit is available. You should upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 5.10.229/5.15.171/6.1.115/6.6.59/6.11.6. This impacts the function kiocb_start_write of the component io_uring. The manipulation leads to deadlock. This vulnerability is referenced as CVE-2024-53052. The attack needs to be initiated within the local network. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. Affected is an unknown function. The manipulation results in memory corruption. This vulnerability is identified as CVE-2024-53055. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. Affected by this vulnerability is the function stmmac_tx_clean. This manipulation causes improper validation of array index. This vulnerability is tracked as CVE-2024-53058. The attack is only possible within the local network. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.11.7. Affected by this issue is the function dvb_register_device. This manipulation causes out-of-bounds read. The identification of this vulnerability is CVE-2024-53063. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.11.7. This affects the function decode_getfattr_attrs of the component nfs. Such manipulation leads to improper initialization. This vulnerability is referenced as CVE-2024-53066. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.

该网站使用技术性、分析性和用户画像类Cookie以确保导航功能、优化用户体验并提供个性化广告。用户可通过Cookie Center管理偏好或访问Cookie Policy获取更多信息。

本文探讨了商业电子邮件妥协（BEC）的威胁及其检测方法。通过启用统一审核日志（UAL），组织可以跟踪邮件访问事件。文章详细介绍了如何分析邮件访问事件，包括检查节流、同步和绑定事件，并强调了通过审核日志识别可疑活动的重要性。最终结论指出，预防措施如多因素认证和用户教育是应对BEC的关键策略。

9 октября 2025 SECURITM проведет воркшоп по системному управлению безопасностью.

Адвокаты придумали целое ассорти «отмазок» за липовые ИИ-цитаты в своих документах. Ни одна пока не помогла избежать наказания.

In this Help Net Security interview, Robert Sullivan, CIO & CISO at Agero, shares his perspective on automotive cybersecurity. He discusses strategies for developing mature security programs, meeting regulatory requirements, and addressing supply chain risks. Sullivan also looks ahead to how AI and other emerging technologies will shape the future of cybersecurity. What does a mature automotive cybersecurity program look like, and how can organizations measure their progress? A mature cybersecurity program must have a … More →

The post Building a mature automotive cybersecurity program beyond checklists appeared first on Help Net Security.

A vulnerability identified as critical has been detected in Ajax WooSearch Plugin up to 1.0.0 on WordPress. This affects an unknown part. This manipulation causes sql injection. This vulnerability appears as CVE-2025-9697. The attack may be initiated remotely. There is no available exploit.

A vulnerability categorized as critical has been discovered in CTL Behance Importer Lite Plugin up to 1.0 on WordPress. Affected by this issue is some unknown functionality. The manipulation results in sql injection. This vulnerability is reported as CVE-2025-9587. The attack can be launched remotely. No exploit exists.

A vulnerability was found in Neto E-Commerce CMS. It has been rated as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument kw leads to cross site scripting. This vulnerability is documented as CVE-2024-57494. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability was found in Neto CMS 6.313.x/6.314.0. It has been declared as problematic. Affected is an unknown function of the component HTTP Request Handler. Executing manipulation can lead to crlf injection. This vulnerability is registered as CVE-2025-28357. It is possible to launch the attack remotely. No exploit is available.

A vulnerability was found in Keyence KV Studio, VT5-WX12 and VT5-WX15. It has been classified as critical. This impacts an unknown function. Performing manipulation results in stack-based buffer overflow. This vulnerability is cataloged as CVE-2025-58775. It is possible to initiate the attack remotely. There is no exploit available.