Aggregator

Открытие подтвердило: многие черты, считавшиеся исключительно человеческими, присущи и другим видам.

A vulnerability described as critical has been identified in code-projects Simple Online Hotel Reservation System 2.0. This affects an unknown function of the file /admin/add_account.php. The manipulation of the argument Name results in sql injection. This vulnerability was named CVE-2025-12594. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability marked as critical has been reported in code-projects Simple Online Hotel Reservation System 2.0. The impacted element is an unknown function of the file /admin/edit_room.php of the component Photo Handler. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2025-12593. The attack is possible to be carried out remotely. Moreover, an exploit is present.

Submit #677576 / VDB-330889

今日暂未更新资讯~
更多最新文章，请访问SecWiki

Submit #677547 / VDB-330888

Submit #677548 / VDB-250126

A vulnerability was found in Linux Kernel up to 6.12.22/6.13.10/6.14.1 and classified as critical. Impacted is the function w1_uart_probe. Executing manipulation can lead to null pointer dereference. The identification of this vulnerability is CVE-2025-22084. The attack needs to be done within the local network. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.22/6.13.10/6.14.1. It has been declared as problematic. This affects the function vchiq_platform_conn_state_changed of the component vchiq_arm. Executing manipulation can lead to state issue. The identification of this vulnerability is CVE-2025-22078. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability described as problematic has been identified in Linux Kernel up to 6.12.22/6.13.10/6.14.1. Affected is an unknown function. Executing manipulation can lead to information disclosure. This vulnerability appears as CVE-2025-22076. The attacker needs to be present on the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.14.1. Affected by this issue is the function mlx5_poll_one of the component RDMA. Such manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-22086. Access to the local network is required for this attack to succeed. There is no exploit available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 6.12.22/6.13.10/6.14.1. This issue affects the function mlx5_umem_mkc_find_best_pgsz of the component RDMA. Executing manipulation can lead to insufficient verification of data authenticity. This vulnerability appears as CVE-2025-22091. The physical device can be targeted for the attack. There is no available exploit. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.14.1. It has been classified as critical. This vulnerability affects the function container_of of the component RDMA. Performing manipulation results in null pointer dereference. This vulnerability is identified as CVE-2025-22089. The attack can only be performed from the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.12.22/6.13.10/6.14.1. It has been rated as critical. This vulnerability affects the function may_goto of the component bpf. The manipulation of the argument interpreters[] leads to improper validation of array index. This vulnerability is referenced as CVE-2025-22087. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in Linux Kernel up to 6.1.133/6.6.86/6.12.22/6.13.10/6.14.1 and classified as critical. Affected is an unknown function of the component AMD Display. The manipulation results in null pointer dereference. This vulnerability is identified as CVE-2025-22093. The attack can only be performed from the local network. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.13.10/6.14.1. The affected element is the function pci_setup_device of the component PCI. Executing manipulation can lead to null pointer dereference. This vulnerability is handled as CVE-2025-22092. The attack can only be done within the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability labeled as very critical has been found in IBM i 7.2/7.3/7.4/7.5/7.6. The affected element is an unknown function of the component SQL Service. Executing manipulation can lead to missing authorization. This vulnerability is handled as CVE-2025-36367. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability labeled as very critical has been found in IBM i 7.2/7.3/7.4/7.5/7.6. The affected element is an unknown function of the component SQL Service. Executing manipulation can lead to missing authorization. This vulnerability is handled as CVE-2025-36367. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.

arXiv 平台宣布修改计算机科学类的论文预印本接受政策，原因是由于大模型加快了论文撰写速度，导致计算机科学类的论文投稿数量大幅增长，其中很多价值不高，因此为确保论文质量，它现在要求计算机科学类的综述论文和立场论文需要先被期刊或会议接受，通过同行评审，它才会考虑接受。在递交计算机科学综述论文和立场论文时，作者需要提供通过同行评审的证明，不提供证明可能会被拒收。arXiv 称它以前只收到少量综述论文和立场论文，但如今每月都会收到数百篇综述，其中很多只是带注释的参考文献，没有对开放性研究问题进行实质性讨论。