Aggregator

CVE-2022-50620 | Linux Kernel up to 5.15.85/6.0.15/6.1.1 f2fs include/linux/refcount.h f2fs_start_discard_thread null pointer dereference (WID-SEC-2025-2756)

Vuldb Updates
3 weeks 2 days ago
A vulnerability identified as critical has been detected in Linux Kernel up to 5.15.85/6.0.15/6.1.1. This issue affects the function f2fs_start_discard_thread in the library include/linux/refcount.h of the component f2fs. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2022-50620. Access to the local network is required for this attack to succeed. There is no exploit available. You should upgrade the affected component.
vuldb.com

CVE-2022-50619 | Linux Kernel up to 5.15.76/6.0.6 kfd_mem_dmamap_userptr memory leak (WID-SEC-2025-2756)

Vuldb Updates
3 weeks 2 days ago
A vulnerability has been found in Linux Kernel up to 5.15.76/6.0.6 and classified as critical. Affected by this issue is the function kfd_mem_dmamap_userptr. This manipulation causes memory leak. This vulnerability is tracked as CVE-2022-50619. The attack is only possible within the local network. No exploit exists. The affected component should be upgraded.
vuldb.com

CVE-2022-50617 | Linux Kernel up to 5.15.85/6.0.15/6.1.1 memory leak (WID-SEC-2025-2756)

Vuldb Updates
3 weeks 2 days ago
A vulnerability described as critical has been identified in Linux Kernel up to 5.15.85/6.0.15/6.1.1. The impacted element is an unknown function. Such manipulation leads to memory leak. This vulnerability is uniquely identified as CVE-2022-50617. The attack can only be initiated within the local network. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

The Hackers News
3 weeks 2 days ago
Cybersecurity researchers are calling attention to a new campaign dubbed JS#SMUGGLER that has been observed leveraging compromised websites as a distribution vector for a remote access trojan named NetSupport RAT. The attack chain, analyzed by Securonix, involves three main moving parts: An obfuscated JavaScript loader injected into a website, an HTML Application (HTA) that runs encrypted
The Hacker News

Malicious Document Reader App in Google Play With 50K Downloads Installs Anatsa Malware

Cyber Security News
3 weeks 2 days ago

A deceptive Android application lurking in the Google Play Store, disguised as a document reader and file manager, but delivering the Anatsa banking trojan to users. Cybersecurity firm Zscaler ThreatLabz found an app named “Document Reader – File Manager” by developer ISTOQMAH. The app has amassed over 50,000 downloads while remaining live, tricking users into […]

The post Malicious Document Reader App in Google Play With 50K Downloads Installs Anatsa Malware appeared first on Cyber Security News.

Guru Baran

CVE-2025-66321 | Huawei HarmonyOS 5.0.1/5.1.0/6.0.0 Camera Framework race condition (EUVD-2025-201688)

Vuldb Updates
3 weeks 2 days ago
A vulnerability, which was classified as problematic, has been found in Huawei HarmonyOS 5.0.1/5.1.0/6.0.0. The affected element is an unknown function of the component Camera Framework Module. The manipulation leads to race condition. This vulnerability is traded as CVE-2025-66321. An attack has to be approached locally. There is no exploit available.
vuldb.com

CVE-2025-66322 | Huawei HarmonyOS 5.0.1/6.0.0 Camera Framework race condition (EUVD-2025-201687)

Vuldb Updates
3 weeks 2 days ago
A vulnerability was found in Huawei HarmonyOS 5.0.1/6.0.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Camera Framework Module. The manipulation leads to race condition. This vulnerability is referenced as CVE-2025-66322. The attack can only be performed from a local environment. No exploit is available.
vuldb.com

Managed ad