Aggregator

A vulnerability was found in Linux Kernel up to 6.8.7/6.9-rc4. It has been rated as critical. This issue affects the function src_folio of the component userfaultfd. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2024-27007. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4 and classified as problematic. This vulnerability affects the function fabricate_dcb_output of the component nv04. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2024-27008. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.6.28/6.8.7/6.9-rc4. It has been classified as problematic. This affects the function icc_set_bw of the component interconnect. The manipulation leads to allocation of resources. This vulnerability is uniquely identified as CVE-2024-27005. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4 and classified as critical. Affected by this issue is the function clk_pm_runtime_get. The manipulation leads to deadlock. This vulnerability is handled as CVE-2024-27004. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 6.1.87/6.6.28/6.8.7/6.9-rc4 and classified as critical. Affected by this vulnerability is the function clk_pm_runtime_get. The manipulation leads to deadlock. This vulnerability is known as CVE-2024-27003. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.1.87/6.6.28/6.8.7/6.9-rc4. Affected by this vulnerability is the function genpd_power_off_work_fn of the component mediatek. The manipulation leads to deadlock. This vulnerability is known as CVE-2024-27002. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

r/HowToHack 是一个开放的黑客社区，旨在帮助新手成长为资深人士。用户可以在此提问、解答和学习地下技能，并通过 Discord 进行交流。

BrainDamage 是一款用于红队和对手模拟团队的有效载荷生成与加密分阶段工具，支持 Linux、macOS 和 Windows。其功能包括 AES 加密、多种载荷类型（如 bash 反向壳、Python 载荷）、内置 HTTP/S 服务器以及会话跟踪等，适用于隐蔽载荷投递与早期阶段的攻击操作。

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4. Affected is the function vmk80xx_find_usb_endpoints of the file drivers/usb/core/urb.c of the component comedi. The manipulation leads to denial of service. This vulnerability is traded as CVE-2024-27001. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.87/6.6.28/6.8.7/6.9-rc4. Affected is the function uart_handle_cts_change of the file /drivers/tty/serial/serial_core.c of the component mxs-auart. The manipulation leads to state issue. This vulnerability is traded as CVE-2024-27000. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4. This issue affects the function pr_err of the component pmac_zilog. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2024-26999. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Linux Kernel up to 6.6.28/6.8/6.8.7/6.9-rc4. This vulnerability affects the function uart_tty_port_shutdown of the file drivers/tty/serial/8250/8250_port.c. The manipulation leads to null pointer dereference. This vulnerability was named CVE-2024-26998. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4. It has been classified as critical. Affected is an unknown function of the component dwc2. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2024-26997. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4. Affected is the function eth_stop of the component f_ncm. The manipulation leads to use after free. This vulnerability is traded as CVE-2024-26996. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.8.7/6.9-rc4. It has been declared as problematic. Affected by this vulnerability is the function pd_set of the component tcpm. The manipulation leads to off-by-one. This vulnerability is known as CVE-2024-26995. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.15.156/6.1.87/6.6.28/6.8.7/6.9-rc4 and classified as critical. This issue affects some unknown processing of the component speakup. The manipulation leads to buffer overflow. The identification of this vulnerability is CVE-2024-26994. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

JSubFinder JSubFinder is a tool written in golang to search webpages & javascript for hidden subdomains and secrets in the given URL. Developed with BugBounty hunters in mind JSubFinder takes advantage of Go’s amazing...

The post jsubfinder: earch webpages & javascript for hidden subdomains and secrets in the given URL appeared first on Penetration Testing Tools.

Meta 雷朋联名智能眼镜销量今年激增 300%，第三代产品 10 月发售；Instagram 重拳出击，新规规定用户必须满 1000 名粉丝才能开直播；5 年内保姆机器人价格将降到 5 万元，普通人也买得起

当前环境出现异常情况，用户需完成验证流程后方可继续访问相关服务或系统。