Aggregator

A vulnerability classified as critical has been found in Linux Kernel up to 5.18.17/5.19.1/80cf4932c2545bc231e933d869511008c36af1e0. Affected is the function kunit_filter_tests of the component kunit. The manipulation leads to memory leak. This vulnerability is traded as CVE-2022-50170. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been rated as problematic. This issue affects the function wil_write_file_wmi of the component wifi. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2022-50169. The attack needs to be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.18.17/5.19.1. It has been declared as problematic. This vulnerability affects the function jit_subprogs of the component bpf. The manipulation leads to privilege escalation. This vulnerability was named CVE-2022-50168. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.18.17/5.19.1. It has been classified as problematic. This affects the function fuse_release. The manipulation leads to privilege escalation. This vulnerability is uniquely identified as CVE-2022-50217. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1 and classified as critical. Affected by this issue is the function write_page of the file shell/integrity-blocksize-3.sh. The manipulation leads to use after free. This vulnerability is handled as CVE-2022-50216. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1 and classified as critical. Affected by this vulnerability is the function virtio_gpu_cmd_get_capset. The manipulation leads to null pointer dereference. This vulnerability is known as CVE-2022-50181. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Veeam Agent up to 6.3.1.1074 on Windows. Affected is an unknown function. The manipulation leads to permission issues. This vulnerability is traded as CVE-2025-24287. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

Bitdefender announced it has agreed to acquire Mesh Security Limited (Mesh), a provider of email security solutions. Through the acquisition, Mesh’s email security technology and capabilities will be integrated into Bitdefender’s extended detection and response (XDR) platform and managed detection and response (MDR) services. The transaction is subject to customary closing conditions, including regulatory approvals. Email remains the most exploited attack vector and serves as an entry point for ransomware, phishing, and business email compromise … More →

The post Bitdefender acquires Mesh to boost email protection for businesses and MSPs appeared first on Help Net Security.

A vulnerability, which was classified as critical, has been found in Veeam Backup & Replication up to 12.3.1.1139. This issue affects some unknown processing of the component Backup Job Handler. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2025-24286. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Veeam Backup & Replication up to 12.3.1.1139. This vulnerability affects unknown code of the component Backup Server. The manipulation leads to privilege escalation. This vulnerability was named CVE-2025-23121. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Veeam addressed a new critical flaw in Backup & Replication product that could potentially result in remote code execution. Veeam has rolled out security patches to address a critical security vulnerability, tracked CVE-2025-23121 (CVSS score of 9.9) in its Backup & Replication solution that can allow remote attackers to execute arbitrary code under certain conditions. […]

F6, a leading developer of technologies to combat cybercrime, has reported the emergence of SuperCard, a malicious modification of the legitimate NFCGate program, now targeting Android users globally, with recent attacks recorded in Russia. Initially detected in Europe during spring 2025, where it struck clients of European banks, this malware surfaced in Russia by May […]

The post SuperCard Malware Hijacks Android Devices to Steal Payment Card Data and Relay it to Attackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability classified as problematic has been found in Linux Kernel up to 5.18.17/5.19.1. This affects the function elem_size of the component bpf. The manipulation leads to privilege escalation. This vulnerability is uniquely identified as CVE-2022-50167. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been rated as critical. Affected by this issue is the function usbnet_deferred_kevent of the file aqc111.c of the component USB Ethernet Driver. The manipulation leads to use after free. This vulnerability is handled as CVE-2022-50220. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.19.1. It has been declared as critical. Affected by this vulnerability is the function SG_FLAG_DIRECT_IO of the component iSCSI Driver. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2022-50215. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.4.210/5.10.136/5.15.60/5.18.17/5.19.1. It has been classified as critical. Affected is the function coresight_release_platform_data in the library lib/refcount.c. The manipulation leads to use after free. This vulnerability is traded as CVE-2022-50214. The attack needs to be approached within the local network. There is no exploit available. It is recommended to upgrade the affected component.

2023 年 6 月旅游观光公司 OceanGate 的深海潜艇泰坦号在水下解体，五名乘客全部遇难。遇难者包括了公司创始人兼 CEO Stockton Rush。早期披露的信息显示灾难发生的一个重要原因是 CEO 的刚愎自用，无视安全问题。这场灾难本可以预防的。Netflix 上周上映的纪录片《Titan: The OceanGate Disaster》揭露了泰坦号潜艇事故的更多细节：泰坦号最早使用的碳纤维船壳在出现明显裂纹后替换为第二个碳纤维船壳；第二个船壳的三个缩小模型未通过测试，然而 OceanGate 决定不管继续建造；潜艇在潜水中多次传出巨大声响，CEO 不以为然的称之为“风干（seasoning）”；提出安全问题的员工或者解雇或者主动辞职；Rush 想让公司会计 Bonnie Carl 担任潜艇驾驶员，她是一位有经验的潜水员，她拒绝去驾驶潜艇而选择了辞职，她说疯了吗我是会计。

De Koninklijke Marine heeft er tijdelijk een patrouilleschip bij. DSS Galatea is vandaag in Den Helder officieel overgedragen van Damen Shipyards aan Defensie. Het civiele schip ligt niet lang aan de kade, want tijdens de NAVO-top in Den Haag wordt het direct ingezet.

A vulnerability was found in Linux Kernel up to 5.4.210/5.10.136/5.15.60/5.18.17/5.19.1 and classified as problematic. This issue affects the function list_add in the library lib/list_debug.c of the component wifi. The manipulation leads to privilege escalation. The identification of this vulnerability is CVE-2022-50164. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.19.1 and classified as critical. This vulnerability affects the function if_usb_probe of the component wifi. The manipulation leads to improper update of reference count. This vulnerability was named CVE-2022-50162. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.