Aggregator

Oracle警告了一个关键的零日漏洞CVE-2025-61882，该漏洞存在于E-Business Suite的Concurrent Processing组件中，允许攻击者在无需认证的情况下远程执行代码。Clop勒索软件团伙已利用此漏洞进行数据窃取攻击。 Oracle已发布紧急更新修复该漏洞，并提醒用户需先安装之前的补丁才能应用新补丁。

BBC journalist Joe Tidy found himself entangled in a scenario that ordinarily lurks in the shadows of the

The post BBC Journalist Targeted in $100M Ransomware Scam, Offered Bitcoin Payout to Become Insider Threat appeared first on Penetration Testing Tools.

A new Android banking trojan known as Klopatra has infected more than three thousand smartphones within just a

The post Klopatra: New Android RAT Uses Hidden VNC and Commercial Obfuscation to Hijack European Banking Accounts appeared first on Penetration Testing Tools.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.10.13/6.11.2. Affected by this vulnerability is the function drr_timing of the component AMD Display. The manipulation results in improper initialization. This vulnerability is identified as CVE-2024-49898. The attack can only be performed from the local network. There is not any exploit available. It is advisable to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.2. It has been rated as critical. Affected is the function amdgpu_dm of the component AMD Display. The manipulation leads to null pointer dereference. This vulnerability is referenced as CVE-2024-49896. The attack needs to be initiated within the local network. No exploit is available. Upgrading the affected component is advised.

A vulnerability described as critical has been identified in Linux Kernel up to 6.10.13/6.11.2. This issue affects the function phantom_stream of the component AMD Display. Executing manipulation can lead to use after free. This vulnerability is registered as CVE-2024-49897. The attack requires access to the local network. No exploit is available. Upgrading the affected component is recommended.

A vulnerability was found in Linux Kernel up to 6.11.2 and classified as critical. Affected by this issue is the function cm3_helper_translate_curve_to_degamma_hw_format of the component AMD Display. Executing manipulation can lead to buffer overflow. The identification of this vulnerability is CVE-2024-49895. The attack needs to be done within the local network. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.2. It has been declared as problematic. This impacts the function stream_status of the component AMD Display. Executing manipulation can lead to state issue. The identification of this vulnerability is CVE-2024-49893. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.11.2. Affected by this issue is the function cm_helper_translate_curve_to_degamma_hw_format of the component AMD Display. This manipulation causes buffer overflow. This vulnerability is tracked as CVE-2024-49894. The attack is only possible within the local network. No exploit exists. You should upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.10.13/6.11.2. This vulnerability affects the function lpfc_sli_flush_io_rings of the component scsi. This manipulation causes null pointer dereference. This vulnerability is registered as CVE-2024-49891. The attack requires access to the local network. No exploit is available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.11.2. It has been classified as problematic. This affects the function get_bytes_per_element of the component AMD Display. Performing manipulation results in improper initialization. This vulnerability was named CVE-2024-49892. The attack needs to be approached within the local network. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability has been found in Linux Kernel up to 6.11.2 and classified as critical. The affected element is the function ext4_ext_show_leaf. This manipulation causes use after free. This vulnerability is handled as CVE-2024-49889. The attack can only be done within the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 6.11.2 and classified as critical. The impacted element is the function fw_info of the component AMD. Such manipulation leads to null pointer dereference. This vulnerability is uniquely identified as CVE-2024-49890. The attack can only be initiated within the local network. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.10.13/6.11.2. Impacted is an unknown function of the component bpf. Performing manipulation results in buffer overflow. This vulnerability is reported as CVE-2024-49888. The attacker must have access to the local network to execute the attack. No exploit exists. It is suggested to upgrade the affected component.

Oracle is warning about a critical E-Business Suite zero-day vulnerability tracked as CVE-2025-61882 that allows attackers to perform unauthenticated remote code execution, with the flaw actively exploited in Clop data theft attacks. [...]

当前环境出现异常，需完成验证后才能继续访问。