Aggregator

A vulnerability was found in GNU binutils 2.32 and classified as critical. This issue affects the function process_mips_specific of the file readelf.c of the component MIPS Option Handler. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-2019-9077. Attacking locally is a requirement. There is no exploit available.

A vulnerability classified as critical has been found in Apache HTTP Server up to 2.4.52. This affects an unknown part of the component Inbound Connection Handler. The manipulation leads to http request smuggling. This vulnerability is uniquely identified as CVE-2022-22720. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Apple macOS up to 12.3. This issue affects some unknown processing of the component Apache. The manipulation leads to http request smuggling. The identification of this vulnerability is CVE-2022-22720. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in GNU binutils 2.32. It has been rated as problematic. This issue affects the function d_count_templates_scopes of the file cp-demangle.c of the component GNU libiberty. The manipulation leads to improper resource management. The identification of this vulnerability is CVE-2019-9071. Local access is required to approach this attack. There is no exploit available.

A vulnerability classified as problematic was found in GNU binutils 2.32. Affected by this vulnerability is the function _bfd_elf_slurp_version_tables of the file elf.c of the component libbfd. The manipulation leads to improper resource management. This vulnerability is known as CVE-2019-9073. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability, which was classified as critical, has been found in GNU binutils 2.32. Affected by this issue is the function pex64_get_runtime_function of the file libbfd.c of the component libbfd. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2019-9074. The attack needs to be approached locally. There is no exploit available.

A vulnerability classified as critical has been found in GNU binutils 2.32. This affects the function _bfd_dwarf2_find_nearest_line of the file dwarf2.c of the component libbfd. The manipulation as part of File Descriptor leads to integer overflow. This vulnerability is uniquely identified as CVE-2019-17451. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in GNU binutils. It has been rated as critical. Affected by this issue is some unknown functionality of the component Comparison. The manipulation as part of ELF File leads to out-of-bounds read. This vulnerability is handled as CVE-2019-1010204. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability was found in GNU libiberty. It has been rated as critical. Affected by this issue is the function simple_object_elf_match of the file simple-object-elf.c. The manipulation of the argument shstrndx leads to integer overflow. This vulnerability is handled as CVE-2019-14250. An attack has to be approached locally. There is no exploit available.

A vulnerability, which was classified as critical, was found in GNU binutils 2.32. Affected is the function apply_relocations of the file readelf.c. The manipulation as part of ELF File leads to integer overflow. This vulnerability is traded as CVE-2019-14444. An attack has to be approached locally. There is no exploit available.

A vulnerability was found in GNU binutils 3.32. It has been rated as problematic. Affected by this issue is the function find_abstract_instance of the file dwarf2.c of the component libbfd. The manipulation as part of ELF File leads to uncontrolled recursion. This vulnerability is handled as CVE-2019-17450. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in PHP up to 7.4.29/8.0.19/8.1.6. This affects an unknown part of the component Parametrized Query Handler. The manipulation leads to uninitialized pointer. This vulnerability is uniquely identified as CVE-2022-31625. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Authorities in the republic of Chuvashia confirmed attackers targeted software used to manage patient records and medical histories.

In a significant setback for US cybercrime enforcement efforts, Russian hacker Andrei Tarasov has evaded extradition to the United States and successfully returned to his homeland, intelligence sources confirm. Tarasov, 33, known in cybercriminal circles by the aliases “Aels” and, more recently, “Lavander,” was arrested in Berlin on July 18, 2023, as part of a […]

The post Malware Mastermind Andrei Tarasov Evades US Extradition Returns to Russia appeared first on Cyber Security News.

Новый механизм подкачки обещает меньше памяти в простое и больше гибкости.

The Federal Bureau of Investigation (FBI) issued an urgent warning Thursday about an ongoing malicious campaign where cybercriminals are impersonating senior US officials through text messages and AI-generated voice calls. The sophisticated attack, which began in April 2025, primarily targets current and former federal and state government officials and their contacts, raising serious concerns about […]

The post FBI Warns of US Govt Officials Impersonated in Malicious Message Campaign appeared first on Cyber Security News.

Security update KB5058379 for Windows 10, released in May 2025, is causing significant technical issues for numerous systems. Users report their devices are unexpectedly booting into Windows Recovery mode and requiring BitLocker recovery keys following the update installation. Windows 10 KB5058379 is causing PCs to boot into Windows Recovery and require BitLocker key. Despite these […]

The post Windows 10 KB5058379 Update Causes PCs to Enter Recovery Mode and Prompt for BitLocker Key appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Critical security flaws have been uncovered in Ivanti Endpoint Manager Mobile (EPMM), a widely used mobile device management (MDM) solution, exposing organizations to the risk of unauthenticated remote code execution (RCE). The vulnerabilities, tracked as CVE-2025-4427 and CVE-2025-4428, have been actively exploited in the wild, prompting urgent calls for patching from security agencies and Ivanti […]

The post Multiple Ivanti Endpoint Mobile Manager Vulnerabilities Allows Remote Code Execution appeared first on Cyber Security News.

A vulnerability, which was classified as critical, has been found in Boesch-it FAQEngine 4.24.00. This issue affects some unknown processing of the file attachs.php. The manipulation of the argument path_faqe leads to code injection. The identification of this vulnerability is CVE-2010-1360. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #574598 / VDB-309288