Aggregator

A vulnerability classified as critical was found in Linux Kernel up to 6.16.1. This affects the function rockchip_smp_prepare_cpus of the component ARM. Such manipulation leads to improper initialization. This vulnerability is documented as CVE-2025-39752. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.17-rc2. Affected is an unknown function. Executing manipulation can lead to unchecked return value. The identification of this vulnerability is CVE-2025-39766. The attack needs to be done within the local network. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability described as problematic has been identified in Linux Kernel up to 6.17-rc1. This affects the function num_bytes of the file /fs/btrfs/extent-tree.c. Executing manipulation can lead to privilege escalation. This vulnerability is registered as CVE-2025-39738. The attack requires access to the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.16.1. This affects the function clear_inode of the component jfs. Performing manipulation of the argument fileset results in privilege escalation. This vulnerability is identified as CVE-2025-39743. The attack can only be performed from the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.16.1. It has been classified as critical. This issue affects the function add_tuning_control of the component ALSA. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-39751. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in Linux Kernel up to 6.16.1. This impacts the function kvmalloc_array of the file mm/slub.c. The manipulation leads to uncontrolled file descriptor consumption. This vulnerability is documented as CVE-2025-39756. The attack requires being on the local network. There is not any exploit available. It is recommended to upgrade the affected component.

Новая физика скольжения показывает, что направление зарядов важнее килопаскалей.

Физики научились видеть самую ускользающую форму квантовой запутанности.

This week in cybersecurity serves as a critical reminder of the pervasive risks within the digital supply chain, as several industry-leading companies disclosed significant data breaches. The incidents, affecting vulnerability management giants Tenable and Qualys, as well as enterprise software provider Workday, all stemmed from a security flaw in a common third-party service. This chain […]

The post Weekly Cybersecurity News Recap : Tenable, Qualys, Workday Data Breaches and Security Updates appeared first on Cyber Security News.

IOC Alert: Supershell Command-and-Control Infrastructure

Discover the 15 best Node.js testing tools to ensure code reliability. This practical list covers top frameworks, their benefits, and use cases for robust testing.

The post The Best testing tools for Node.js appeared first on Security Boulevard.

Миллиарды образцов могут храниться без холода и быть доступны ученым всего мира.

Orleans Parish Sheriff’s Office Falls Victim to Qilin Ransomware

稳定币反洗钱与合规路径技术研究报告 by ourren

被忽视的“GitHub Actions Supply Chain Attack”事件 by ourren

YASA：开源的静态程序分析项目 by ourren

基于流间时空关联分析的图神经网络网站指纹识别方法 by ourren

更多最新文章，请访问SecWiki

A vulnerability was found in Campcodes Online Job Finder System 1.0. It has been classified as critical. This affects an unknown function of the file /index.php?q=result&searchfor=bycompany. This manipulation of the argument Search causes sql injection. This vulnerability is handled as CVE-2025-10448. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability was found in Campcodes Online Job Finder System 1.0 and classified as critical. The impacted element is an unknown function of the file /eris/applicationform.php. The manipulation of the argument picture results in unrestricted upload. This vulnerability is known as CVE-2025-10447. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability has been found in Campcodes Computer Sales and Inventory System 1.0 and classified as critical. The affected element is an unknown function of the file /pages/cust_searchfrm.php?action=edit. The manipulation of the argument ID leads to sql injection. This vulnerability is traded as CVE-2025-10446. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Campcodes Computer Sales and Inventory System 1.0. Impacted is an unknown function of the file /pages/us_transac.php?action=add. Executing manipulation of the argument Username can lead to sql injection. This vulnerability appears as CVE-2025-10445. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability, which was classified as critical, has been found in Campcodes Online Job Finder System 1.0. This issue affects some unknown processing of the file /advancesearch.php. Performing manipulation of the argument Username results in sql injection. This vulnerability is reported as CVE-2025-10444. The attack is possible to be carried out remotely. Moreover, an exploit is present.

Submit #648023 / VDB-323882