Aggregator
CVE-2025-38245 | Linux Kernel up to 6.1.142/6.6.95/6.12.35/6.15.4/6.16-rc3 atm_dev_deregister information disclosure (EUVD-2025-20816)
CVE-2025-38250 | Linux Kernel up to 6.12.35/6.15.4/6.16-rc3 Bluetooth include/linux/skbuff.h vhci_flush use after free (EUVD-2025-20811)
CVE-2025-38241 | Linux Kernel up to 6.15.4/6.16-rc3 shmem allocation of resources (EUVD-2025-20820)
CVE-2025-48799 | Microsoft Windows up to Server 2025 Update Service link following (Nessus ID 241563)
组织先用好 AI,再谈 AI 改变组织
Microsoft fixes critical wormable Windows flaw (CVE-2025-47981)
For July 2025 Patch Tuesday, Microsoft has released patches for 130 vulnerabilities, among them one that’s publicly disclosed (CVE-2025-49719) and a wormable RCE bug on Windows and Windows Server (CVE-2025-47981). CVE-2025-49719 and CVE-2025-49717, in Microsoft SQL Server CVE-2025-49719 is an uninitialized memory disclosure vulnerability affecting Microsoft SQL Server, which can be remotely triggered by unauthorized attackers. Microsoft says that exploit code for it is “unproven” – i.e., not publicly available or simply theoretical – and … More →
The post Microsoft fixes critical wormable Windows flaw (CVE-2025-47981) appeared first on Help Net Security.
The 2025 Verizon Data Breach Report: A Wake-Up Call for MSPs
The data paints a clear picture: A full 20% of breaches this year stemmed from exploitation of known vulnerabilities, a 34% increase from last year.
The post The 2025 Verizon Data Breach Report: A Wake-Up Call for MSPs appeared first on Security Boulevard.
Samsung признал: ваши данные были беззащитны, но теперь все изменится навсегда
U.S. Sanctions North Korean Andariel Hacker Behind Fraudulent IT Worker Scheme
Microsoft 365 PDF Export Feature Vulnerable to LFI – Sensitive Data at Risk
A critical security vulnerability in Microsoft 365’s PDF export functionality has been discovered and subsequently patched, highlighting significant risks to sensitive enterprise data. The vulnerability, which earned its discoverer a $3,000 bounty from Microsoft’s Security Response Center (MSRC), exposed a Local File Inclusion (LFI) attack vector that could potentially compromise confidential system information across multi-tenant […]
The post Microsoft 365 PDF Export Feature Vulnerable to LFI – Sensitive Data at Risk appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.