Aggregator

Critical Linux Kernel Vulnerability Allows Attackers Gain Full Kernel-Level Control From Chrome Sandbox

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
4 months ago

August 9, 2025: A severe security vulnerability in the Linux kernel, dubbed CVE-2025-38236, has been uncovered by Google Project Zero researcher Jann Horn, exposing a pathway for attackers ranging from native code execution within the Chrome renderer sandbox to full kernel-level control on Linux systems.  The flaw, tied to the obscure MSG_OOB feature in UNIX […]

The post Critical Linux Kernel Vulnerability Allows Attackers Gain Full Kernel-Level Control From Chrome Sandbox appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Balaji

New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox Via Rare Linux Socket Feature

Cyber Security News
4 months ago

A critical vulnerability in the Linux kernel, identified as CVE-2025-38236, has exposed a flaw that could allow attackers to escalate privileges from within the Chrome renderer sandbox on Linux systems.  Google Project Zero researcher Jann Horn discovered the bug affects Linux kernel versions 6.9 and above, stemming from the obscure MSG_OOB (out-of-band) feature in UNIX […]

The post New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox Via Rare Linux Socket Feature appeared first on Cyber Security News.

Balaji N

Germany limits police spyware use to serious crimes

Security Affairs
4 months ago
Germany’s top court ruled police can use spyware only for crimes punishable by at least three years in prison. Germany’s top court ruled that police may only use spyware to monitor devices in cases involving crimes with a maximum sentence of at least three years. “The interference with both the fundamental right protecting IT-systems and Art. 10(1) of […]
Pierluigi Paganini

Germany limits police spyware use to serious crimes

不安全
4 months ago
德国最高法院裁决限制警方使用间谍软件仅限于涉及至少三年监禁的严重犯罪案件,并回应2017年相关规则的挑战,强调此类监视对隐私权构成“非常严重”的侵犯,并具有广泛的监控能力。

CVE-2025-8811 | code-projects Simple Art Gallery 1.0 /Admin/registration.php fname sql injection (EUVD-2025-24093)

VulDB Recent Entries
4 months ago
A vulnerability, which was classified as critical, has been found in code-projects Simple Art Gallery 1.0. Affected by this issue is some unknown functionality of the file /Admin/registration.php. The manipulation of the argument fname leads to sql injection. This vulnerability is handled as CVE-2025-8811. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-8810 | Tenda AC20 16.03.08.05 /goform/SetFirewallCfg strcpy firewallEn stack-based overflow (EUVD-2025-24090)

VulDB Recent Entries
4 months ago
A vulnerability classified as critical was found in Tenda AC20 16.03.08.05. Affected by this vulnerability is the function strcpy of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. This vulnerability is known as CVE-2025-8810. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2025-8809 | code-projects Online Medicine Guide 1.0 /addelidetails.php del sql injection (EUVD-2025-24091)

VulDB Recent Entries
4 months ago
A vulnerability classified as critical has been found in code-projects Online Medicine Guide 1.0. Affected is an unknown function of the file /addelidetails.php. The manipulation of the argument del leads to sql injection. This vulnerability is traded as CVE-2025-8809. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

Managed ad