Aggregator

A vulnerability was found in X.org X11 Server up to 1.19.4. It has been rated as critical. This impacts an unknown function of the component XFree86 VidModeExtension. The manipulation leads to unchecked error condition. This vulnerability is referenced as CVE-2017-12180. The attack can only be performed from a local environment. No exploit is available. Upgrading the affected component is advised.

A vulnerability categorized as critical has been discovered in X.org X11 Server up to 1.19.4. Affected is an unknown function of the component XFree86 DGA Extension. The manipulation results in unchecked error condition. This vulnerability is identified as CVE-2017-12181. The attack is only possible with local access. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability identified as critical has been detected in X.org X11 Server up to 1.19.4. Affected by this vulnerability is an unknown functionality of the component XFree86 DRI Extension. This manipulation causes unchecked error condition. This vulnerability is tracked as CVE-2017-12182. The attack is restricted to local execution. No exploit exists. You should upgrade the affected component.

One Unexpected SOC 2 Challenge: Overcoming Cultural Resistance to Security-First Thinking When companies start their SOC 2 journey, most expect the technical checklist: configure access controls, deploy logging, and gather evidence. But what we’ve consistently seen with our customers is that the toughest part isn’t the technology. It’s the culture. SOC 2 compliance is often […]

The post One unexpected challenge organizations face while implementing SOC 2 first appeared on TrustCloud.

The post One unexpected challenge organizations face while implementing SOC 2 appeared first on Security Boulevard.

Attackers have begun leveraging a seemingly innocuous PDF newsletter alongside a malicious Windows shortcut (LNK) file to infiltrate enterprise environments. The attack surfaced in late August 2025, targeting South Korean academic and government institutions under the guise of a legitimate “국가정보연구회 소식지 (52호)” PDF newsletter. Victims receive an archive containing both the PDF decoy and […]

The post Hackers Weaponize PDF Along With a Malicious LNK File to Compromise Windows Systems appeared first on Cyber Security News.

Q-chip из Пенсильвании превратил оптоволокно в транспорт для запутанных частиц.

A new report from PinnacleOne reveals the rise of cyber risks in UK construction and offers guidance for CISOs in this critical industry.

Auditing must be seen for what it truly can be: a multiplier of trust, not a bottleneck of progress.

By mid-2025, training drives nearly 80% of AI crawling, while referrals to publishers (especially from Google) are falling and crawl-to-refer ratios show AI consumes far more than it sends back.

Troubleshoot network connectivity issues by using Cloudflare AI-Power to quickly self diagnose and resolve WARP client and network issues.

Today, we're excited to announce new capabilities that make it easier than ever to build real-time, voice-enabled AI applications on Cloudflare's global network.

We're now leveraging our internal LLM, Cloudy, to generate automated summaries within our Email Security product, helping SOC teams better understand what's happening within flagged messages.

Jason Bilnoski with the FBI’s cyber division told CyberScoop that investigators seized on the mistakes of companies China has used in its widespread cyberespionage.

The post Top FBI official says Chinese reliance on domestic firms for hacking is a weakness appeared first on CyberScoop.

A vulnerability, which was classified as problematic, was found in X.org X11 5.0. This affects an unknown part of the component SUN-DES-1 Handler. Such manipulation leads to null pointer dereference. This vulnerability is listed as CVE-2014-8091. The attack may be performed from a remote location. There is no available exploit. This vulnerability has historical importance owing to its background and reception. You should upgrade the affected component.

A vulnerability has been found in X.org X11 1.0 and classified as critical. This vulnerability affects the function ProcPutImage/GetHosts/RegionSizeof/REQUEST_FIXED_SIZE. Performing manipulation results in integer overflow. This vulnerability is cataloged as CVE-2014-8092. It is possible to initiate the attack remotely. There is no exploit available. This vulnerability is considered historic because of its background and reception. The affected component should be upgraded.

A vulnerability identified as critical has been detected in XFree86 and X11. Affected by this issue is the function __glXSeparableFilter2DReqSize of the component GLX Extension. Performing manipulation results in integer overflow. This vulnerability was named CVE-2014-8093. The attack may be initiated remotely. There is no available exploit. You should upgrade the affected component.

A vulnerability labeled as critical has been found in XFree86 and X11. This affects the function ProcDRI2GetBuffers. Executing manipulation can lead to integer overflow. The identification of this vulnerability is CVE-2014-8094. The attack may be launched remotely. There is no exploit available.

A vulnerability marked as critical has been reported in XFree86 and X11 1.16.2/1.16.2.99.901. This vulnerability affects the function SProcXIWarpPointer. The manipulation leads to memory corruption. This vulnerability is referenced as CVE-2014-8095. Remote exploitation of the attack is possible. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability described as critical has been identified in XFree86 and X11 1.16.2. This issue affects the function SProcXCMiscGetXIDList. The manipulation results in memory corruption. This vulnerability is identified as CVE-2014-8096. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in XFree86 and X11 1.16.2/1.16.2.99.901/4/4.0.1. Impacted is the function SProcDbeSwapBuffers of the component DBE Extension. This manipulation causes memory corruption. This vulnerability is tracked as CVE-2014-8097. The attack is possible to be carried out remotely. No exploit exists. It is recommended to upgrade the affected component.