Aggregator

CVE-2024-57893 | Linux Kernel up to 6.1.123/6.6.69/6.12.8 ALSA out-of-bounds (Nessus ID 214781 / WID-SEC-2025-0105)

Vuldb Updates
1 week 5 days ago
A vulnerability was found in Linux Kernel up to 6.1.123/6.6.69/6.12.8. It has been rated as problematic. Affected by this issue is some unknown functionality of the component ALSA. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2024-57893. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-57892 | Linux Kernel up to 6.6.69/6.12.8 ocfs2_get_next_id use after free (Nessus ID 214781 / WID-SEC-2025-0105)

Vuldb Updates
1 week 5 days ago
A vulnerability was found in Linux Kernel up to 6.6.69/6.12.8 and classified as critical. This issue affects the function ocfs2_get_next_id. The manipulation leads to use after free. The identification of this vulnerability is CVE-2024-57892. The attack can only be initiated within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-57891 | Linux Kernel up to 6.12.8 sched_ext scx_ops_bypass state issue (WID-SEC-2025-0105)

Vuldb Updates
1 week 5 days ago
A vulnerability was found in Linux Kernel up to 6.12.8 and classified as problematic. This issue affects the function scx_ops_bypass of the component sched_ext. The manipulation leads to state issue. The identification of this vulnerability is CVE-2024-57891. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-23392 | SUSE Manager Server spacewalk-java cross site scripting (Nessus ID 242658)

Vuldb Updates
1 week 5 days ago
A vulnerability, which was classified as problematic, has been found in SUSE Manager Server. Affected by this issue is some unknown functionality of the component spacewalk-java. The manipulation leads to basic cross site scripting. This vulnerability is handled as CVE-2025-23392. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-38822 | VMware SALT prior 3006.12/3007.4 a one-way hash with a predictable salt (EUVD-2024-54685 / Nessus ID 242657)

Vuldb Updates
1 week 5 days ago
A vulnerability classified as problematic was found in VMware SALT. This vulnerability affects unknown code. The manipulation leads to use of a one-way hash with a predictable salt. This vulnerability was named CVE-2024-38822. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-22238 | VMware SALT prior 3006.12/3007.4 Cache path traversal (EUVD-2025-18252 / Nessus ID 242657)

Vuldb Updates
1 week 5 days ago
A vulnerability was found in VMware SALT and classified as critical. Affected by this issue is some unknown functionality of the component Cache Handler. The manipulation leads to path traversal. This vulnerability is handled as CVE-2025-22238. An attack has to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-38825 | VMware SALT prior 3006.12/3007.4 salt.auth.pki Password certificate validation (EUVD-2024-54683 / Nessus ID 242657)

Vuldb Updates
1 week 5 days ago
A vulnerability was found in VMware SALT. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component salt.auth.pki. The manipulation of the argument Password leads to improper certificate validation. This vulnerability is known as CVE-2024-38825. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-38823 | VMware SALT prior 3006.12/3007.4 authentication replay (EUVD-2024-54684 / Nessus ID 242657)

Vuldb Updates
1 week 5 days ago
A vulnerability classified as critical has been found in VMware SALT. This affects an unknown part. The manipulation leads to authentication bypass by capture-replay. This vulnerability is uniquely identified as CVE-2024-38823. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2025-22237 | VMware SALT prior 3006.12/3007.4 command injection (EUVD-2025-18253 / Nessus ID 242657)

Vuldb Updates
1 week 5 days ago
A vulnerability has been found in VMware SALT and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to command injection. This vulnerability is known as CVE-2025-22237. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

APT28 Hackers Unveil First LLM-Powered Malware, Enhancing Attack Techniques with AI

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
1 week 5 days ago

Ukraine’s Computer Emergency Response Team (CERT-UA) has publicly reported the emergence of LAMEHUG, marking it as the inaugural malware to embed large language model (LLM) capabilities directly into its attack chain. This campaign targets Ukrainian government officials through phishing emails masquerading as communications from ministry representatives. These emails deliver ZIP archives containing PyInstaller-compiled Python executables, […]

The post APT28 Hackers Unveil First LLM-Powered Malware, Enhancing Attack Techniques with AI appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Phishers Target Aviation Execs to Scam Customers

Krebs on Security
1 week 5 days ago
KrebsOnSecurity recently heard from a reader whose boss's email account got phished and was used to trick one of the company's customers into sending a large payment to scammers. An investigation into the attacker's infrastructure points to a long-running Nigerian cybercrime group that is actively targeting established companies in the transportation and aviation industries.
BrianKrebs

Top IT Staff Augmentation Companies in USA 2025

Hack Read
1 week 5 days ago
Staff augmentation is a strategy for smart tech teams looking to launch something big. Trying to plug skill gaps or scale without the overhead? Collaborate with a trusted IT staff augmentation company.
Owais Sultan

Managed ad