Aggregator

То, что годами держалось на энтузиазме, получило серьёзную мотивацию.

中亚的冰川是生活在下游地区的数百万人的重要水源。一项新研究发现 2025 年中亚经历了创纪录的冰川损失。冰川加速消融可能会在短期内增加融水，但最终由于冰量的减少融水也会减少。研究人员利用对天山和帕米尔高原 16 座冰川的实地观测数据，结合模型，估算出中亚冰川在一年内损失了约 30 立方千米的冰，相当于该地区冰川总体积的近 2%。这一结果是异常温暖的春夏季气温以及降雪频率的大幅下降造成的。16 座冰川有 9 座经历了有史以来最严重的冰川质量损失，帕米尔高原西部和天山山脉西部的冰川消融最为严重，部分冰川在一年内损失了 2%-4% 的总冰量。64% 的冰川经历了自 1991 年以来最严重的冰川质量损失。研究人员警告由于全球暖化，这种情况可能成为常态。

A vulnerability was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. It has been declared as critical. This affects the function s32ton of the component HID Parser. The manipulation results in out-of-bounds read. This vulnerability is known as CVE-2026-31624. Access to the local network is required for this attack. No exploit is available. It is recommended to upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.19.13/7.0.0. Affected is the function auxiliary_device_uninit. Executing a manipulation can lead to null pointer dereference. This vulnerability is handled as CVE-2026-31621. The attack can only be done within the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. It has been classified as critical. The impacted element is the function rx_complete of the component USB Handler. The manipulation of the argument frags[] leads to privilege escalation. This vulnerability is traded as CVE-2026-31623. Access to the local network is required for this attack to succeed. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. This impacts the function digital_in_recv_sdd_res of the component NFC. Executing a manipulation can lead to heap-based buffer overflow. This vulnerability appears as CVE-2026-31622. The attacker needs to be present on the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. It has been classified as critical. Impacted is the function efr_status_names of the component ALSA. The manipulation leads to privilege escalation. This vulnerability is documented as CVE-2026-31619. The attack requires being on the local network. There is not any exploit available. Upgrading the affected component is recommended.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.18.23/6.19.13/7.0.0. This affects the function usb_ifnum_to_if of the component USB Handler. Such manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2026-31620. Access to the local network is required for this attack to succeed. There is no exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.82/6.18.23/6.19.13/7.0.0. It has been rated as critical. This impacts the function FBIOPUT_VSCREENINFO of the component Udlfb Driver. This manipulation causes divide by zero. This vulnerability is handled as CVE-2026-31618. The attack can only be done within the local network. There is not any exploit available. Upgrading the affected component is advised.

三星相册将很快停止直接与OneDrive同步早在去年九月，媒体在泄露的One UI 8.5版本中发现了代码，表明三星相册将终止对微软 OneDrive 的支持。近日，一位Reddit用户发现，微软最近

A vulnerability, which was classified as problematic, was found in SourceCodester Hospital Patient Records Management System 1.0. This issue affects some unknown processing. Such manipulation of the argument Description leads to cross site scripting. This vulnerability is referenced as CVE-2022-22852. It is possible to launch the attack remotely. No exploit is available.

A vulnerability, which was classified as problematic, has been found in SourceCodester Hospital Patient Records Management System 1.0. This vulnerability affects unknown code. This manipulation of the argument Description causes cross site scripting. The identification of this vulnerability is CVE-2022-22850. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability categorized as problematic has been discovered in SourceCodester Hospital Patient Records Management System 1.0. This issue affects some unknown processing of the file doctors.php. Executing a manipulation of the argument specialization can lead to cross site scripting. This vulnerability appears as CVE-2022-22851. The attack may be performed from remote. In addition, an exploit is available.

I’m doing Open Source primarily because I love it. The social aspects, the for-the-good angle an

Сервис для управления идентификацией и доступом, созданный с фокусом на кибербезопасность, удобство пользователей и выгоду для бизнеса.

Submit #815067 / VDB-191669

A vulnerability was found in CodeAstro Leave Management System 1.0. It has been declared as critical. The affected element is an unknown function of the file /admin/add_staff.php. Executing a manipulation of the argument email_id can lead to sql injection. This vulnerability is tracked as CVE-2026-9542. The attack can be launched remotely. Moreover, an exploit is present.

Submit #814936 / VDB-285939