Aggregator

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.11.7. Affected by this issue is the function sunxi_musb_probe of the component USB. The manipulation leads to use after free. This vulnerability is handled as CVE-2024-50269. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.7. It has been rated as critical. Affected by this issue is some unknown functionality of the file drivers/clk/qcom/clk-branch.c. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-50266. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.10.229/5.15.171/6.1.116/6.6.60/6.11.7. This issue affects the function ucsi_ccg_update_set_new_cam_cmd of the component USB. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2024-50268. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Microsoft PowerPoint. Affected by this issue is some unknown functionality. The manipulation leads to use after free. This vulnerability is handled as CVE-2025-47175. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Linux Kernel up to 6.1.45/6.4.10. It has been classified as critical. Affected is the function amdgpu_cs_pass1 of the component AMD GPU. The manipulation leads to infinite loop. This vulnerability is traded as CVE-2023-52921. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component virtio. The manipulation leads to improper initialization. This vulnerability is known as CVE-2024-50264. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.11.7. This vulnerability affects the function ocfs2_xa_remove. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-50265. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Google’s artificial intelligence agent “Big Sleep” has made cybersecurity history by discovering and stopping the exploitation of a critical zero-day vulnerability in SQLite, marking the first time an AI system has directly foiled real-world cyberattacks. The AI agent, developed by Google DeepMind and Project Zero, identified the SQLite vulnerability (CVE-2025-6965) based on threat intelligence indicating […]

The post Google’s AI ‘Big Sleep’ Detects Critical SQLite 0-Day, Halts Ongoing Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Он шифровал бизнесы по всей Европе — и попался в халате на кухне.

NIST and collaborating institutions have released extensive data about the genome of pancreatic cancer cells.

Cameron John Wagenius faces up to 27 years in prison after pleading guilty to wire fraud, extortion and aggravated identity theft in data breaches involving major corporations.

Cybersecurity researchers have disclosed what they say is a "critical design flaw" in delegated Managed Service Accounts (dMSAs) introduced in Windows Server 2025. "The flaw can result in high-impact attacks, enabling cross-domain lateral movement and persistent access to all managed service accounts and their resources across Active Directory indefinitely," Semperis said in a report shared with

文章介绍了异步Beacon Object Files（BOFs）的设计与应用，允许红队在目标环境中部署传感器实时监控事件（如管理员登录），并在不影响植入睡眠的情况下将数据传输至C2服务器。该设计支持自动化任务（如获取TGT、启动键盘记录器），提升红队操作的效率与隐蔽性，并为未来实现类似SIEM的解决方案奠定基础。

A vulnerability was found in Linux Kernel up to 5.10.87/5.15.10 and classified as critical. Affected by this issue is some unknown functionality of the file block/blk-iocost.c. The manipulation leads to divide by zero. This vulnerability is handled as CVE-2021-47584. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 4.19.221/5.4.167/5.10.87/5.15.10 and classified as critical. Affected by this vulnerability is the function mutex_init of the component mxl111sf. The manipulation leads to uninitialized pointer. This vulnerability is known as CVE-2021-47583. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.15.10. Affected is the function do_proc_control of the file /proc/sys/kernel/hung_task_timeout_secs of the component USB Core. The manipulation leads to missing initialization of a variable. This vulnerability is traded as CVE-2021-47582. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.10.87/5.15.10. Affected by this vulnerability is the function kcalloc in the library include/linux/fortify-string.h of the component scsi. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2021-47578. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.10.87/5.15.10. Affected by this issue is the function min_t in the library include/linux/fortify-string.h of the component scsi_debug. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2021-47580. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.15.10. This issue affects the function task_work of the component io-wq. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2021-47577. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was suspected in Linux Kernel up to 5.15.10. Further investigation has shown that this issues is a false-positive. Please review the sources mentioned and consider not using this entry at all.