Aggregator

A vulnerability classified as critical has been found in Linux Kernel up to 5.18.17/5.19.1. This affects the function __kernfs_remove of the file fs/kernfs/dir.c of the component kernfs. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2022-50148. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been rated as critical. Affected by this issue is the function of_parse_phandle of the component usb. The manipulation leads to improper update of reference count. This vulnerability is handled as CVE-2022-50152. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been declared as critical. Affected by this vulnerability is the function rxe_create_qp of the component qp_init. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2022-50135. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1. It has been classified as critical. Affected is the function ast_vhub_init_desc of the component usb. The manipulation leads to improper update of reference count. This vulnerability is traded as CVE-2022-50139. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

2 luchtmachtmilitairen hebben vandaag een dapperheidsonderscheiding ontvangen. Na gevaarlijke activiteiten tijdens missies is er vele jaren later erkenning. Adjudant Paul nam een Bronzen Kruis in ontvangst, kapitein-vlieger Michiel kreeg een Vliegerkruis. Wat minister Ruben Brekelmans betreft verdienden beiden militairen al veel eerder erkenning.

A vulnerability was found in Linux Kernel up to 5.4.210/5.10.136/5.15.60/5.18.17/5.19.1 and classified as problematic. This issue affects the function IW_CM_EVENT_CONNECT_REPLY of the component RDMA. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2022-50136. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1 and classified as critical. This vulnerability affects the function cdns3_gadget_ep_dequeue of the component usb. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2022-50132. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.19.1. This affects the function of_find_matching_node of the component mmc. The manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2022-50141. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1. Affected by this issue is the function __qedr_alloc_mr of the component RDMA. The manipulation leads to memory leak. This vulnerability is handled as CVE-2022-50138. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1. Affected by this vulnerability is the function mcp_smbus_write of the file drivers/hid/hid-mcp2221.c of the component HID. The manipulation of the argument len leads to buffer overflow. This vulnerability is known as CVE-2022-50131. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.19.1. Affected is the function bitmap_free. The manipulation leads to memory leak. This vulnerability is traded as CVE-2022-50140. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A recent vulnerability has been discovered in the Zyxel NWA50AX Pro, a WiFi 6 access point for small businesses, exposing it to an n-day flaw that allows arbitrary file deletion via a misconfigured CGI endpoint. This issue, tracked as CVE-2024-29974, highlights the risks of shared codebases and incomplete patching in embedded devices. Discovery and Technical […]

The post Zyxel NWA50AX Pro Hit by N-Day Flaw Allowing Arbitrary File Deletion appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

「本文来源于知乎用户『洞源实验室』对热门提问的回答，更多干货内容可关注我们的知乎账号，第一时间获取最新回答！

Mobile wallets like Apple Pay and Google Pay (GPay) have revolutionized the way we pay, offering speed and convenience that traditional cards can’t match. But as recent research and real-world incidents show, these digital wallets are not immune to attack. In fact, some of their most convenient features—like Express Transit mode—are now being exploited by […]

The post Hackers Exploit Transit Mode in Apple Pay and GPay to Steal Money appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Microsoft has announced a significant enhancement to its Office 365 Defender suite with the introduction of Mail Bombing Detection, a new feature designed to combat the rising threat of email bombing attacks. This capability will be rolled out globally, starting in late June 2025, and is expected to reach all customers by late July 2025. […]

The post Microsoft Enhances Office 365 Defender to Stop Email Bombing Campaigns appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Editor’s note: The current article is authored by Clandestine, threat researcher and threat hunter. You can find Clandestine on X. Threat actors today are continuously developing sophisticated techniques to evade traditional detection methods. ANY.RUN’s Threat Intelligence Lookup offers advanced capabilities for threat data gathering and analysis. As a specialized search engine, it allows security analysts to query […]

The post Threat Hunting: Hands-on Tips for SOC Analysts and MSSPs  appeared first on ANY.RUN's Cybersecurity Blog.

Research by: Jaromír Hořejší (@JaromirHorejsi), Antonis Terefos (@Tera0017) Key Points Introduction Minecraft is a popular video game with a massive global player base, with over 200 million monthly active players. The game has also sold over 300 million copies, making it one of the best-selling video games ever. Minecraft supports mods (user-created modifications), which enrich the […]

The post Fake Minecraft mods distributed by the Stargazers Ghost Network to steal gamers’ data appeared first on Check Point Research.

Amazon Web Services (AWS) added a bevy of additional cybersecurity tools and services to its portfolio that collectively make securing its cloud computing platform simpler. Announced at the AWS re:Inforce 2025 conference, the additions include a preview of a revamped AWS Security Hub that now identifies which vulnerabilities from a threat perspective are potentially the..

The post AWS Makes Bevy of Updates to Simplify Cloud Security appeared first on Security Boulevard.