Aggregator

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.1.99/6.6.40/6.7/6.9.9. This impacts the function ks8851_start_xmit_spi. Such manipulation leads to deadlock. This vulnerability is documented as CVE-2024-41036. The attack requires being on the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.9.9. This affects an unknown function of the component cachestat. This manipulation causes privilege escalation. This vulnerability is registered as CVE-2024-41033. The attack requires access to the local network. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.40/6.9.9 and classified as problematic. The affected element is the function addr_to_vb_xa of the component vmalloc. Such manipulation leads to privilege escalation. This vulnerability is documented as CVE-2024-41032. The attack requires being on the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.9.9. This issue affects the function __block_write_begin_int of the component nilfs2. Such manipulation leads to privilege escalation. This vulnerability is uniquely identified as CVE-2024-41034. The attack can only be initiated within the local network. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.9.9. The affected element is an unknown function of the component nvmem. The manipulation leads to permission issues. This vulnerability is listed as CVE-2024-41029. The attack must be carried out from within the local network. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.6.40/6.9.9. The impacted element is an unknown function in the library lib/xarray.c of the component filemap. The manipulation results in allocation of resources. This vulnerability is cataloged as CVE-2024-41031. The attack must originate from the local network. There is no exploit available. Upgrading the affected component is advised.

A vulnerability described as problematic has been identified in Linux Kernel up to 5.15.162/6.1.99/6.6.40/6.9.9. This affects the function userfaultfd_api of the file mm/memory.c. The manipulation results in privilege escalation. This vulnerability is identified as CVE-2024-41027. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.99/6.6.40/6.9.9. This impacts an unknown function of the component toshiba_acpi. This manipulation causes out-of-bounds read. This vulnerability is tracked as CVE-2024-41028. The attack is only possible within the local network. No exploit exists. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in alaneuler batteryKid up to 2.1 on macOS. The affected element is an unknown function of the file PrivilegeHelper/PrivilegeHelper.swift of the component NSXPCListener. This manipulation causes missing authentication. This vulnerability is handled as CVE-2025-9815. It is possible to launch the attack on the local host. Additionally, an exploit exists.

A vulnerability classified as critical was found in PHPGurukul Beauty Parlour Management System 1.1. Impacted is an unknown function of the file /admin/contact-us.php. The manipulation of the argument mobnumber results in sql injection. This vulnerability is known as CVE-2025-9814. It is possible to launch the attack remotely. Furthermore, an exploit is available.

Submit #641358 / VDB-322142

A vulnerability classified as critical has been found in Tenda CH22 1.0.0.1. This issue affects the function formSetSambaConf of the file /goform/SetSambaConf. The manipulation of the argument samba_userNameSda leads to buffer overflow. This vulnerability is traded as CVE-2025-9813. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability described as critical has been identified in Tenda CH22 1.0.0.1. This vulnerability affects the function formexeCommand of the file /goform/exeCommand. Executing manipulation of the argument cmdinput can lead to buffer overflow. This vulnerability appears as CVE-2025-9812. The attack may be performed from remote. In addition, an exploit is available.

Submit #641305 / VDB-223126

A vulnerability marked as critical has been reported in Campcodes Farm Management System 1.0. This affects an unknown part of the file /reviewInput.php. Performing manipulation of the argument rating results in sql injection. This vulnerability is reported as CVE-2025-9811. The attack is possible to be carried out remotely. Moreover, an exploit is present.

Submit #641237 / VDB-322141

Submit #641151 / VDB-322140

Submit #641148 / VDB-322139

Are Your Secrets Rotation Standards Meeting Expectations? Does your organization have a comprehensive secrets rotation system that instills confidence and satisfaction? Secrets rotation is a pivotal aspect of data management, especially concerning Non-Human Identities (NHIs). NHIs and secrets security management is a hot topic in every industry, from finance and healthcare to DevOps and SOC […]

The post Are You Fully Satisfied with Your Secrets Rotation? appeared first on Entro.

The post Are You Fully Satisfied with Your Secrets Rotation? appeared first on Security Boulevard.

Why Is NHI Lifecycle Management Essential? Are you ever curious why managing Non-Human Identities (NHIs) and their secrets is considered a crucial aspect of cybersecurity? It’s not just about maintaining secure systems; it’s about creating stability throughout the entire lifecycle of NHIs. To achieve harmony and security in a cloud, organizations need to gain a […]

The post Achieving Stability in NHI Lifecycle Management appeared first on Entro.

The post Achieving Stability in NHI Lifecycle Management appeared first on Security Boulevard.