Aggregator

A vulnerability was found in Linux Kernel up to 6.1.130/6.6.82/6.12.18/6.13.6. It has been rated as critical. This issue affects the function mgmt_alloc_skb of the component Bluetooth. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2025-21937. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.13.6. It has been classified as critical. This affects the function update_mmu_cache_range of the component pgtable. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2025-21933. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Linux Kernel up to 6.12.18/6.13.6. This vulnerability affects unknown code in the library /include/linux/swapops.h of the component memory_hotplug. The manipulation leads to state issue. This vulnerability was named CVE-2025-21931. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.12.18/6.13.6. This issue affects the function nvme_tcp_recv_pdu of the component Header Length Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2025-21927. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.12.18/6.13.6. This issue affects the function vma_modify of the component mm. The manipulation leads to allocation of resources. The identification of this vulnerability is CVE-2025-21932. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.12.18/6.13.6 and classified as critical. Affected by this vulnerability is an unknown functionality of the file drivers/net/wireless/inel/iwlwifi/iwl-trans.c. The manipulation leads to state issue. This vulnerability is known as CVE-2025-21930. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.13.6. This issue affects the function skb_get of the file net/llc/llc_s_ac.c. The manipulation leads to state issue. The identification of this vulnerability is CVE-2025-21925. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.13.6 and classified as critical. This issue affects the function __udp_gso_segment in the library /include/linux/skbuff.h. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2025-21926. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.13.6. Affected is the function ishtp_hid_remove. The manipulation leads to use after free. This vulnerability is traded as CVE-2025-21928. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.12.18/6.13.6. Affected is the function ethnl_req_get_phydev. The manipulation leads to denial of service. This vulnerability is traded as CVE-2025-21921. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 6.6.82/6.12.18/6.13.6. This affects the function client_hdev. The manipulation leads to use after free. This vulnerability is uniquely identified as CVE-2025-21923. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.13.6. It has been rated as problematic. This issue affects the function dev_mc_add. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2025-21920. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.13.6. It has been declared as critical. This vulnerability affects the function usbhsc_notify_hotplug of the component USB Driver. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2025-21917. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.82/6.12.18/6.13.6. It has been rated as critical. This issue affects some unknown processing of the component ucsi. The manipulation leads to null pointer dereference. The identification of this vulnerability is CVE-2025-21918. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in cPanel 10.9.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file frontend/x/htaccess/changepro.html. The manipulation of the argument resname leads to basic cross site scripting. This vulnerability is known as CVE-2007-4022. The attack can be launched remotely. Furthermore, there is an exploit available.

OpenAI 神秘新模型斩获 IMO 2025 金牌，攻克奥数巅峰；科技巨头态度迥异：微软倾向于签署欧盟 AI 准则，Meta 直言无法接受；特朗普签署稳定币法案，加密货币行业取得重大胜利

当前环境异常，需完成验证后继续访问。

SubHunterX is a powerful bug bounty automation framework designed to silently map attack surfaces and uncover critical vulnerabilities. By combining military-grade reconnaissance techniques with intelligent automation, SubHunterX gives security professionals the edge in identifying...

The post SubHunterX: The Automation Framework for Ultimate Bug Bounty Hunting appeared first on Penetration Testing Tools.

A vulnerability, which was classified as critical, was found in Microsoft Internet Explorer 11. This affects the function CSpliceTreeEngine::RemoveSplice of the component MSHTML. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2014-1785. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.