Aggregator

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1. The affected element is the function dqi_gqlock of the component ocfs2. The manipulation results in uninitialized pointer. This vulnerability is known as CVE-2022-49274. Access to the local network is required for this attack. No exploit is available. You should upgrade the affected component.

A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.4.188/5.10.109/5.15.32/5.16.18/5.17.1. This affects the function snd_dma_free_pages. The manipulation results in null pointer dereference. This vulnerability was named CVE-2022-49268. The attack needs to be approached within the local network. There is no available exploit. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.109/5.15.32/5.16.18/5.17.1 and classified as critical. Affected is the function smb2_ioctl_query_info. Such manipulation of the argument argv[] leads to memory corruption. This vulnerability is referenced as CVE-2022-49271. The attack needs to be initiated within the local network. No exploit is available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 5.10.109/5.15.32/5.16.18/5.17.1. It has been rated as critical. This affects the function to_user. The manipulation leads to improper update of reference count. This vulnerability is listed as CVE-2022-49272. The attack must be carried out from within the local network. There is no available exploit. Upgrading the affected component is advised.

A vulnerability has been found in Linux Kernel up to 5.10.109/5.15.32/5.16.18/5.17.1 and classified as problematic. This impacts the function vm_access. This manipulation causes out-of-bounds read. The identification of this vulnerability is CVE-2022-49261. The attack needs to be done within the local network. There is no exploit available. The affected component should be upgraded.

A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.15.32/5.16.18/5.17.1. This vulnerability affects the function CONFIG_DM_CRYPT of the component octeontx2. Executing a manipulation can lead to null pointer dereference. This vulnerability is handled as CVE-2022-49262. The attack can only be done within the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability has been found in Linux Kernel up to 5.4.188/5.10.109/5.15.32/5.16.18/5.17.1 and classified as critical. This issue affects the function brcmf_pcie_setup. The manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2022-49263. The attack can only be initiated within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability described as problematic has been identified in Linux Kernel up to 5.10.109/5.15.32/5.16.18/5.17.1. Affected is the function free_watch. The manipulation results in memory leak. This vulnerability is reported as CVE-2022-49256. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.

A vulnerability classified as problematic has been found in Linux Kernel up to 5.10.109/5.15.32/5.16.18/5.17.1. Affected by this vulnerability is the function __free_page of the component watch_queue_set_size. This manipulation causes null pointer dereference. This vulnerability appears as CVE-2022-49257. The attacker needs to be present on the local network. There is no available exploit. It is recommended to upgrade the affected component.

马斯克称苹果造车项目曾疯狂从特斯拉挖人； Netflix 827 亿美元收购华纳兄弟探索遭美司法部调查，聚焦垄断行为； 《华盛顿邮报》裁员数百人后贝索斯决策遭质疑，CEO 刘易斯宣布辞职

Flickr says a flaw at a third-party email provider may have exposed users’ names, email addresses, IPs, and account activity. Flickr is a photo-sharing platform owned by SmugMug. It has over 100 million registered users and millions of active photographers. Flickr warned users about a possible data breach caused by a flaw in a third-party […]

采用多层加密的CS样本分析

Bitter APT组织最新accdr攻击样本分析

Currently trending CVE - Hype Score: 1 - The Metro Development Server, which is opened by the React Native Community CLI, binds to external interfaces by default. The server exposes an endpoint that is vulnerable to OS command injection. This allows unauthenticated network attackers to send a POST request to the server ...

A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been classified as critical. This impacts an unknown function of the file /admin/manage-users.php. This manipulation of the argument ID causes sql injection. This vulnerability is handled as CVE-2026-2179. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability was found in Tenda RX3 16.03.13.11. It has been declared as critical. Affected is an unknown function of the file /goform/fast_setting_wifi_set. Such manipulation of the argument ssid_5g leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2026-2180. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability was found in Tenda RX3 16.03.13.11. It has been rated as critical. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. This vulnerability was named CVE-2026-2181. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability categorized as critical has been discovered in UTT 进取 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a manipulation of the argument passwd1 can lead to command injection. The identification of this vulnerability is CVE-2026-2182. The attack may be launched remotely. Furthermore, there is an exploit available.