Aggregator

CVE-2025-5867 | RT-Thread 5.1.0 lwp_syscall.c csys_sendto null pointer dereference (Issue 10299 / EUVD-2025-17443)

Vuldb Updates
6 months 1 week ago
A vulnerability classified as critical was found in RT-Thread 5.1.0. This vulnerability affects the function csys_sendto of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument to leads to null pointer dereference. This vulnerability was named CVE-2025-5867. The attack needs to be approached within the local network. There is no exploit available.
vuldb.com

CVE-2025-5868 | RT-Thread 5.1.0 lwp_syscall.c sys_thread_sigprocmask how array index (Issue 10303 / EUVD-2025-17441)

Vuldb Updates
6 months 1 week ago
A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function sys_thread_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index. The identification of this vulnerability is CVE-2025-5868. The attack can only be done within the local network. There is no exploit available.
vuldb.com

谷歌CEO皮查伊:为什么说AI意义将超越火与电?

Solidot
6 months 1 week ago

谷歌CEO桑达尔·皮查伊接受《Lex Fridman Podcast》深度访谈,分享了从个人成长到AI战略的深刻见解。一年前谷歌在AI竞赛中被批评落后,但随着Gemini系列模型发布,已重回领先地位。皮查伊的核心决策原则是"信号降噪"——将外界批评视为噪音,专注第一性原理和长期技术趋势。他在压力下果断合并DeepMind与Google Brain两大AI团队,推动公司全面转向"AI优先"。皮查伊认为AI是比火与电更深远的技术革命,因其递归自我改进能力将极大加速创造本身。关于AGI时间表,他预测略晚于2030年,但对P(Doom)保持乐观,相信人类会在面临真正威胁时团结应对。在产品层面,谷歌正通过AI Overviews和AI Mode重塑搜索体验,同时布局XR和机器人等未来计算平台。皮查伊的童年经历——从缺水缺电到拥有热水和电话的技术跃迁——塑造了他对科技改变生活力量的坚定信念。他倡导"登月思维",认为雄心勃勃的目标能吸引顶尖人才,即使只实现60%也是巨大成功。查看全文

Beware for Developers: 16 React Native Packages with Millions of Downloads Compromised Overnight

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
6 months 1 week ago

Cybersecurity researchers have uncovered a large-scale attack targeting the npm ecosystem, compromising 16 popular React Native packages with a combined download count exceeding one million per week. The attack, detected on June 6th, 2025, represents a significant escalation in the ongoing campaign by a sophisticated threat actor, previously linked to the compromise of the rand-user-agent […]

The post Beware for Developers: 16 React Native Packages with Millions of Downloads Compromised Overnight appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

CVE-2017-7018 | Apple tvOS up to 10.2.1 WebKit memory corruption (HT207924 / EDB-42373)

Vuldb Updates
6 months 1 week ago
A vulnerability was found in Apple tvOS up to 10.2.1. It has been classified as critical. This affects an unknown part of the component WebKit. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2017-7018. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-27361 | Samsung Exynos 2400 denial of service (EUVD-2024-24565)

Vuldb Updates
6 months 1 week ago
A vulnerability classified as problematic was found in Samsung Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380 and Exynos 2400. Affected by this vulnerability is an unknown functionality. The manipulation leads to denial of service. This vulnerability is known as CVE-2024-27361. Access to the local network is required for this attack. There is no exploit available.
vuldb.com

CVE-2024-27283 | Veritas eDiscovery Platform up to 10.2.4 unrestricted upload (EUVD-2024-24520)

Vuldb Updates
6 months 1 week ago
A vulnerability has been found in Veritas eDiscovery Platform up to 10.2.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. This vulnerability was named CVE-2024-27283. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-27356 | GL-iNet X1200 information disclosure (EUVD-2024-24560 / EDB-51942)

Vuldb Updates
6 months 1 week ago
A vulnerability was found in GL-iNet MT6000, XE3000, X3000, MT3000, MT2500, AXT1800, AX1800, A1300, S200, X750, SFT1200, XE300, MT1300, AR750, AR750S, AR300M, AR300M16, B1300, MT300N-v2, X300B, S1300, SF1200, MV1000, N300, B2200 and X1200. It has been classified as problematic. Affected is an unknown function. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-27356. The attack needs to be approached within the local network. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-26529 | MZ Automation libIEC61850 up to 1.5.3 mms_named_variable_list_service.c mmsServer_handleDeleteNamedVariableListRequest denial of service (Issue 492 / EUVD-2024-23794)

Vuldb Updates
6 months 1 week ago
A vulnerability was found in MZ Automation libIEC61850 up to 1.5.3 and classified as problematic. Affected by this issue is the function mmsServer_handleDeleteNamedVariableListRequest of the file src/mms/iso_mms/server/mms_named_variable_list_service.c. The manipulation leads to denial of service. This vulnerability is handled as CVE-2024-26529. The attack may be launched remotely. There is no exploit available.
vuldb.com

CVE-2025-35009 | Microhard IPn4Gii/Bullet-LTE up to 1.2.0-r1132 AT+MNNETSP Command argument injection (EUVD-2025-17399)

Vuldb Updates
6 months 1 week ago
A vulnerability, which was classified as critical, was found in Microhard IPn4Gii and Bullet-LTE up to 1.2.0-r1132. Affected is an unknown function of the component AT+MNNETSP Command Handler. The manipulation leads to argument injection. This vulnerability is traded as CVE-2025-35009. An attack has to be approached locally. There is no exploit available.
vuldb.com

Managed ad