Aggregator

GitHub新增社交登录功能，支持通过谷歌账号快速注册并使用绑定邮箱创建账户，默认无需设置密码和双重认证。建议注册后手动检查邮箱并设置密码以防万一。现有账户暂不支持绑定谷歌账号用于登录。

A vulnerability was found in Linux Kernel up to 6.15.3. It has been rated as problematic. Affected by this issue is the function mii_nway_restart of the component ch9200. The manipulation leads to unchecked return value. This vulnerability is handled as CVE-2025-38086. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 5.16.18/5.17.1. This vulnerability affects the function sprintf. The manipulation leads to buffer overflow. This vulnerability was named CVE-2022-49267. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in djvulibre 3.5.28. Affected by this issue is some unknown functionality of the file IW44EncodeCodec.cpp. The manipulation leads to divide by zero. This vulnerability is handled as CVE-2021-46312. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability classified as problematic has been found in djvulibre 3.5.28. This affects an unknown part of the file IW44Image.cpp. The manipulation leads to divide by zero. This vulnerability is uniquely identified as CVE-2021-46310. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability was found in GNU screen. It has been rated as critical. Affected by this issue is the function CheckPid of the file socket.c of the component Signal Handler. The manipulation leads to race condition. This vulnerability is handled as CVE-2025-46805. Attacking locally is a requirement. There is no exploit available.

Androidアプリ「region PAY」には、ログファイルへの機微な情報の出力の脆弱性が存在します。

用户在HowToHack社区询问如何绕过受组织保护且无管理员密码的二手笔记本限制。

HackerNews 编译，转载请注明出处： 法国奢侈品牌迪奥（Dior）近期开始向美国客户发送数据泄露通知，告知其2025年5月发生的网络安全事件导致个人信息被泄露。迪奥隶属于全球最大奢侈品集团路威酩轩（LVMH），该品牌年营收超120亿美元，在全球运营数百家精品店。 此次安全事件实际发生在2025年1月26日，但公司直到2025年5月7日才察觉并启动内部调查以确定影响范围。发送给受影响个人的通知中写道：“调查确定，未授权方于2025年1月26日非法访问了包含迪奥客户信息的数据库。迪奥已迅速采取措施控制事件，目前无证据表明系统后续再遭入侵。” 根据调查结果，以下信息已遭泄露： 全名 联系方式 住址 出生日期 护照或政府身份证号码（部分情况） 社保号码（部分情况） 公司澄清称，被入侵数据库未包含银行账户或支付卡信息等支付详情，故此类财务数据仍安全。迪奥已据此通知执法部门，并聘请第三方网络安全专家协助控制事件。 收到通知的用户需警惕诈骗和钓鱼企图，密切监控金融账户活动，及时识别并报告可疑行为。通知信函同时附带了免费领取24个月信用监控及身份盗窃保护服务的操作指南，该服务有效期截至2025年10月31日。 此次事件时间点与迪奥早前在韩国和中国披露的安全事件吻合。同为LVMH集团旗下的路易威登（Louis Vuitton）近期也披露了影响英国、韩国和土耳其客户的数据泄露事件。尽管涉事公司发言人未回应澄清请求，但行业信息表明，路易威登与迪奥事件实属同一网络攻击的一部分。 据信，此次攻击与勒索团伙ShinyHunters有关，其通过入侵第三方供应商数据库获取了LVMH客户信息。若属实，路易威登可能随后发布针对美国客户的类似披露。目前，迪奥尚未回应关于受影响美国客户数量的质询。       消息来源：bleepingcomputer； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

文章描述了错误代码521的原因及其解决方法。该错误通常由服务器配置错误、网络连接问题或DNS设置错误引起。常见原因包括服务器无法正确处理请求或网络设备限制了数据传输。解决方法包括检查服务器配置、联系网站管理员修复问题或尝试重新连接网络以排除临时故障。

A vulnerability was found in Linux Kernel up to 6.12.12/6.13.1. It has been declared as critical. Affected by this vulnerability is the function btrtl_setup_realtek. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-57987. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 6.1.128/6.6.77/6.12.13/6.13.2. This issue affects some unknown processing of the component binfmt_flat. The manipulation of the argument full_data leads to integer overflow. The identification of this vulnerability is CVE-2024-58010. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.12/6.13.1 and classified as problematic. This issue affects the function xfrm_dst_hash. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2024-57982. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.12.12/6.13.1 and classified as problematic. This issue affects some unknown processing of the component memcg. The manipulation leads to excessive iteration. The identification of this vulnerability is CVE-2024-57977. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.1.128/6.6.75/6.12.12/6.13.1. It has been declared as critical. Affected by this vulnerability is the function hid_apply_multipler. The manipulation leads to infinite loop. This vulnerability is known as CVE-2024-57986. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.