Aggregator

关键词网络攻击安全厂商报告显示，知名威胁组织“银狐”（Silver Fox）正通过 Winos 4.0（又名

关键词国家安全近期，国家安全机关成功破获一起重大网络攻击案件，查实美国国家安全局（NSA）长期针对中国国家授时

Пекин заявляет о разоблачении сложной операции против систем синхронизации.

WatchGuard has disclosed a critical out-of-bounds write vulnerability in its Fireware OS, enabling remote unauthenticated attackers to execute arbitrary code via IKEv2 VPN connections. Designated CVE-2025-9242 under advisory WGSA-2025-00015, the flaw carries a CVSS 4.0 score of 9.3, highlighting its potential for high-impact exploitation on Firebox appliances. Published on September 17, 2025, and updated two […]

The post WatchGuard VPN Vulnerability Let Remote Attacker Execute Arbitrary Code appeared first on Cyber Security News.

A vulnerability was found in Linux Kernel up to 5.15.60/5.18.17/5.19.1. It has been rated as critical. The impacted element is the function of_parse_phandle of the component remoteproc. Performing manipulation results in improper update of reference count. This vulnerability is cataloged as CVE-2022-50120. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 5.10.136/5.15.60/5.18.17/5.19.1. This affects the function for_each_available_child_of_node of the component remoteproc. Executing manipulation can lead to improper update of reference count. This vulnerability is registered as CVE-2022-50121. The attack requires access to the local network. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 5.19.1. This issue affects the function of_parse_phandle of the component ASoC. Performing manipulation results in improper update of reference count. This vulnerability is cataloged as CVE-2022-50122. The attack must originate from the local network. There is no exploit available. You should upgrade the affected component.

A vulnerability described as critical has been identified in Linux Kernel up to 5.15.60/5.18.17/5.19.1/15b5d74600b98adf396d416ed59e0d43726f2671. This vulnerability affects the function release_mem_region of the component watchdog. Such manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2022-50110. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.

A vulnerability was found in LibreWolf up to 143.0.4-1 on Windows and classified as problematic. This affects an unknown function of the file assets/setup.nsi of the component Installer. Such manipulation leads to uncontrolled search path. This vulnerability is listed as CVE-2025-11940. The attack must be carried out locally. There is no available exploit. It is suggested to upgrade the affected component.

A vulnerability classified as problematic was found in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. This vulnerability was named CVE-2022-4981. The attack needs to be approached locally. In addition, an exploit is available. Upgrading the affected component is advised.

A vulnerability classified as critical has been found in DCMTK up to 3.6.5. The affected element is the function parseQuota of the component dcmqrscp. The manipulation of the argument StorageQuota leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2020-36855. Local access is required to approach this attack. Moreover, an exploit is present. It is recommended to upgrade the affected component.

Как SIM-боксы помогали преступникам обходить операторов и маскировать звонки.

Submit #673134 / VDB-329029

Submit #673137 / VDB-329028

Currently trending CVE - Hype Score: 25 - An Incorrect Provision of Specified Functionality vulnerability [CWE-684] in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, 6.4 all versions may allow a local authenticated attacker to execute system commands via crafted CLI commands.

Currently trending CVE - Hype Score: 26 - External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

MOUNTAIN VIEW, Calif. — The crowd stirred when Ameca blinked.

Related:The emergent workflow cadences of GenAI

We were gathered inside the Computer History Museum at Infineon Technologies OktoberTech 2025 conference. Onstage, marketing chief Andreas Urschitz carried on a … (more…)

The post MY TAKE: Dispatch from OktoberTech 2025 — AI adoption is racing ahead, far outpacing control first appeared on The Last Watchdog.

The post MY TAKE: Dispatch from OktoberTech 2025 — AI adoption is racing ahead, far outpacing control appeared first on Security Boulevard.

期待！！！！

看雪论坛作者ID：Calparrot