Aggregator

CVE-2024-53042 | Linux Kernel up to 6.11.6 ipv4 net/core/dev.c ip_tunnel_init_flow stack-based overflow (Nessus ID 211777 / WID-SEC-2024-3509)

Vuldb Updates
1 week 2 days ago
A vulnerability was found in Linux Kernel up to 6.11.6. It has been classified as critical. This affects the function ip_tunnel_init_flow of the file net/core/dev.c of the component ipv4. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-53042. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Microsoft Defender for Office 365 Launches New Dashboard for Enhanced Threat Vector Insights

Cyber Security News
1 week 2 days ago

Microsoft today announced the rollout of a revamped customer dashboard in Microsoft Defender for Office 365, designed to deliver unprecedented insights across a broad spectrum of attack vectors.  The new interface gives security teams real-time visibility into threats blocked before delivery, malicious content remediated post-delivery, and even “missed” incidents, all without sacrificing privacy or performance.  […]

The post Microsoft Defender for Office 365 Launches New Dashboard for Enhanced Threat Vector Insights appeared first on Cyber Security News.

Kaaviya

微信安全漏洞复现:无感执行远程代码

火绒安全实验室
1 week 2 days ago
近日,微信安全漏洞:目录穿越造成RCE(远程代码执行)在网络传播较为广泛,引起热议。微信3.9及以下版本均存在此问题,建议及时从微信官网下载最新版本进行安装。火绒最新版本病毒库已实现相关防护,请广大用户及时升级火绒病毒库。

Ubiquiti UniFi Vulnerability Lets Hackers Inject Malicious Commands

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
1 week 2 days ago

A critical security vulnerability has been discovered in Ubiquiti’s UniFi Access devices that could allow malicious actors to inject and execute arbitrary commands on affected systems. The vulnerability, designated as CVE-2025-27212, affects multiple UniFi Access products and carries a maximum CVSS score of 9.8, indicating its severe nature and potential for widespread exploitation. Vulnerability Details […]

The post Ubiquiti UniFi Vulnerability Lets Hackers Inject Malicious Commands appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

CVE-2024-53045 | Linux Kernel up to 6.11.6 dapm_widget_list_create denial of service (c549cb66e8de/2ef9439f7a19 / Nessus ID 216493)

Vuldb Updates
1 week 2 days ago
A vulnerability was found in Linux Kernel up to 6.11.6. It has been rated as critical. This issue affects the function dapm_widget_list_create. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2024-53045. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-53051 | Linux Kernel up to 6.11.6 hdcp intel_hdcp_get_capability null pointer dereference (4912e8fb3c37/31b42af516af / Nessus ID 213018)

Vuldb Updates
1 week 2 days ago
A vulnerability was found in Linux Kernel up to 6.11.6 and classified as critical. Affected by this issue is the function intel_hdcp_get_capability of the component hdcp. The manipulation leads to null pointer dereference. This vulnerability is handled as CVE-2024-53051. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-53044 | Linux Kernel up to 6.11.6 sch_api xa_insert denial of service (8966eb69a143/a13e690191ea / Nessus ID 216493)

Vuldb Updates
1 week 2 days ago
A vulnerability, which was classified as critical, was found in Linux Kernel up to 6.11.6. Affected is the function xa_insert of the component sch_api. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-53044. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-50304 | Linux Kernel up to 6.11.6 net/ipv4/ip_tunnel.c ip_tunnel_find stack-based overflow (f20fe2cfe06c/90e0569dd3d3 / Nessus ID 215144)

Vuldb Updates
1 week 2 days ago
A vulnerability was found in Linux Kernel up to 6.11.6 and classified as critical. Affected by this issue is the function ip_tunnel_find of the file net/ipv4/ip_tunnel.c. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2024-50304. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-53043 | Linux Kernel up to 6.1.115/6.6.59/6.11.6 mctp i2c null pointer dereference (Nessus ID 211777 / WID-SEC-2024-3509)

Vuldb Updates
1 week 2 days ago
A vulnerability has been found in Linux Kernel up to 6.1.115/6.6.59/6.11.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component mctp i2c. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2024-53043. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-50303 | Linux Kernel up to 6.11.6 walk_system_ram_res_rev memory corruption (dc9031b7919b/b125a0def25a / Nessus ID 216493)

Vuldb Updates
1 week 2 days ago
A vulnerability was found in Linux Kernel up to 6.11.6. It has been declared as critical. This vulnerability affects the function walk_system_ram_res_rev. The manipulation leads to memory corruption. This vulnerability was named CVE-2024-50303. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Lenovo Protection Driver Vulnerability Let Attackers Escalate Privilege and Execute Arbitrary Code

Cyber Security News
1 week 2 days ago

A buffer overflow vulnerability in Lenovo Protection Driver could allow local attackers with elevated privileges to execute arbitrary code on affected systems.  The vulnerability, designated as CVE-2025-4657, affects multiple Lenovo applications and poses significant security risks to desktop, ThinkCentre, laptop, and ThinkPad users. Key Takeaways1. Buffer overflow vulnerability allows attackers to execute arbitrary code and […]

The post Lenovo Protection Driver Vulnerability Let Attackers Escalate Privilege and Execute Arbitrary Code appeared first on Cyber Security News.

Kaaviya

CVE-2025-6227 | Mattermost up to 9.11.16/10.5.7/10.8.x REST API insufficiently protected credentials (EUVD-2025-21876)

VulDB Recent Entries
1 week 2 days ago
A vulnerability was found in Mattermost up to 9.11.16/10.5.7/10.8.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the component REST API. The manipulation leads to insufficiently protected credentials. This vulnerability is handled as CVE-2025-6227. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Managed ad