Gunra
You must login to view this content
Aggregator
Biotech platforms keep missing the mark on security fundamentals
8 months 3 weeks ago
A new security posture report on the biotech sector shows how quickly attackers could reach sensitive health data with only basic reconnaissance. Researchers needed less than two hours per company to uncover exposed genomic records, unprotected APIs, and misconfigured systems, according to Sekurno. Real-world timeline showing how attackers could pivot from passive reconnaissance to accessing sensitive genomic data in under 2 hours. APIs exposing sensitive data APIs were the most common weakness, accounting for 34% … More →
The post Biotech platforms keep missing the mark on security fundamentals appeared first on Help Net Security.
Anamarija Pogorelec
0xr0BIT создал TaskHound для аудита. Или для атак. Зависит от того, кто его запустит
8 months 3 weeks ago
Парсит XML задач через SMB, находит привилегированные учётки и готовит экспорт в BloodHound.
Multiple Splunk Enterprise Vulnerabilities Let Attackers Execute Unauthorized JavaScript code
8 months 3 weeks ago
Splunk has released patches for multiple vulnerabilities in its Enterprise and Cloud Platform products, some of which could allow attackers to execute unauthorized JavaScript code, access sensitive information, or cause a denial-of-service (DoS) condition. The advisories, published on October 1, 2025, detail six security flaws, with severity ratings ranging from Medium to High. The most […]
The post Multiple Splunk Enterprise Vulnerabilities Let Attackers Execute Unauthorized JavaScript code appeared first on Cyber Security News.
Guru Baran
CVE-2024-50249 | Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6 CPPC sugov_update_shared stack-based overflow (Nessus ID 211777 / WID-SEC-2024-3397)
8 months 3 weeks ago
A vulnerability labeled as critical has been found in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. Affected is the function sugov_update_shared of the component CPPC. Executing manipulation can lead to stack-based buffer overflow.
This vulnerability appears as CVE-2024-50249. The attacker needs to be present on the local network. There is no available exploit.
The affected component should be upgraded.
vuldb.com
CVE-2024-50250 | Linux Kernel up to 6.1.115/6.6.59/6.11.6 fsdax dax_unshare_iter pos/len return value (Nessus ID 211777 / WID-SEC-2024-3397)
8 months 3 weeks ago
A vulnerability marked as problematic has been reported in Linux Kernel up to 6.1.115/6.6.59/6.11.6. Affected by this vulnerability is the function dax_unshare_iter of the component fsdax. The manipulation of the argument pos/len leads to unchecked return value.
This vulnerability is traded as CVE-2024-50250. Access to the local network is required for this attack to succeed. There is no exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2024-50252 | Linux Kernel up to 6.1.115/6.6.59/6.11.6 spectrum_ipip reference count (Nessus ID 211777 / WID-SEC-2024-3397)
8 months 3 weeks ago
A vulnerability was found in Linux Kernel up to 6.1.115/6.6.59/6.11.6 and classified as problematic. The impacted element is an unknown function of the component spectrum_ipip. The manipulation results in improper update of reference count.
This vulnerability is identified as CVE-2024-50252. The attack can only be performed from the local network. There is not any exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2024-50244 | Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6 ntfs3 ni_clear uninitialized pointer (Nessus ID 211777 / WID-SEC-2024-3397)
8 months 3 weeks ago
A vulnerability was found in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. It has been rated as problematic. This affects the function ni_clear of the component ntfs3. The manipulation leads to uninitialized pointer.
This vulnerability is listed as CVE-2024-50244. The attack must be carried out from within the local network. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
CVE-2024-50247 | Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6 ntfs3 out-of-bounds (Nessus ID 211777 / WID-SEC-2024-3397)
8 months 3 weeks ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. This vulnerability affects unknown code of the component ntfs3. The manipulation results in out-of-bounds read.
This vulnerability is cataloged as CVE-2024-50247. The attack must originate from the local network. There is no exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2024-50255 | Linux Kernel up to 6.1.115/6.6.59/6.11.6 __hci_cmd_sync_sk null pointer dereference (Nessus ID 211777 / WID-SEC-2024-3397)
8 months 3 weeks ago
A vulnerability classified as problematic has been found in Linux Kernel up to 6.1.115/6.6.59/6.11.6. This affects the function __hci_cmd_sync_sk. The manipulation leads to null pointer dereference.
This vulnerability is traded as CVE-2024-50255. Access to the local network is required for this attack to succeed. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-50245 | Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6 ntfs3 ni_lock_dir deadlock (Nessus ID 211777 / WID-SEC-2024-3397)
8 months 3 weeks ago
A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. Affected is the function ni_lock_dir of the component ntfs3. This manipulation causes deadlock.
This vulnerability is handled as CVE-2024-50245. The attack can only be done within the local network. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2024-50259 | Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6 netdevsim nsim_nexthop_bucket_activity_write out-of-bounds (Nessus ID 211777 / WID-SEC-2024-3397)
8 months 3 weeks ago
A vulnerability, which was classified as problematic, was found in Linux Kernel up to 5.15.170/6.1.115/6.6.59/6.11.6. Impacted is the function nsim_nexthop_bucket_activity_write of the component netdevsim. Executing manipulation can lead to out-of-bounds read.
The identification of this vulnerability is CVE-2024-50259. The attack needs to be done within the local network. There is no exploit available.
You should upgrade the affected component.
vuldb.com
CVE-2024-50254 | Linux Kernel up to 6.11.6 bpf_iter_bits_destroy iteration (9cee266fafaf/101ccfbabf47 / Nessus ID 216493)
8 months 3 weeks ago
A vulnerability classified as problematic has been found in Linux Kernel up to 6.11.6. This affects the function bpf_iter_bits_destroy. This manipulation causes excessive iteration.
This vulnerability is handled as CVE-2024-50254. The attack can only be done within the local network. There is not any exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-50253 | Linux Kernel up to 6.11.6 bpf_iter_bits_new nr_words stack-based overflow (c9539e09c678/393397fbdcad / Nessus ID 216493)
8 months 3 weeks ago
A vulnerability described as critical has been identified in Linux Kernel up to 6.11.6. Affected by this issue is the function bpf_iter_bits_new. The manipulation of the argument nr_words results in stack-based buffer overflow.
This vulnerability is known as CVE-2024-50253. Access to the local network is required for this attack. No exploit is available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2024-50239 | Linux Kernel up to 6.6.59/6.11.6 qmp-usb-legacy null pointer dereference (7e8066811a2c/b1cffd00daa9/29240130ab77 / Nessus ID 216493)
8 months 3 weeks ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 6.6.59/6.11.6. This affects an unknown function of the component qmp-usb-legacy. Such manipulation leads to null pointer dereference.
This vulnerability is documented as CVE-2024-50239. The attack requires being on the local network. There is not any exploit available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2024-50238 | Linux Kernel up to 6.11.6 qmp-usbc null pointer dereference (c7086dc0539b/34c21f94fa1e / Nessus ID 216493)
8 months 3 weeks ago
A vulnerability was found in Linux Kernel up to 6.11.6. It has been rated as problematic. The impacted element is an unknown function of the component qmp-usbc. This manipulation causes null pointer dereference.
This vulnerability is registered as CVE-2024-50238. The attack requires access to the local network. No exploit is available.
Upgrading the affected component is advised.
vuldb.com
CVE-2024-50260 | Linux Kernel up to 6.11.6 sock_map sock_map_link_update_prog null pointer dereference (9afe35fdda16/740be3b9a6d7 / Nessus ID 216493)
8 months 3 weeks ago
A vulnerability marked as problematic has been reported in Linux Kernel up to 6.11.6. The affected element is the function sock_map_link_update_prog of the component sock_map. Performing manipulation results in null pointer dereference.
This vulnerability is reported as CVE-2024-50260. The attacker must have access to the local network to execute the attack. No exploit exists.
It is suggested to upgrade the affected component.
vuldb.com
OpenAI 卖货做视频,Anthropic 专心写代码,谁能赢?
8 months 3 weeks ago
当前环境出现异常,需完成验证后才能继续访问。
OpenAI 卖货做视频,Anthropic 专心写代码,谁能赢?
8 months 3 weeks ago
两家公司,两种路线,通向同样的目标吗?
Underwriting is shifting to AI-driven, real-time decisions by 2030
8 months 3 weeks ago
Underwriting is undergoing a major transformation as financial institutions push for faster decisions, better fraud detection, and greater personalization, according to a new global Experian report. By 2030, credit decisions are expected to become embedded in everyday transactions, with artificial intelligence and automation taking on a bigger role. The report, based on surveys and interviews with 708 senior credit and fraud risk leaders across 10 countries, found that 83 percent of respondents expect real-time loan … More →
The post Underwriting is shifting to AI-driven, real-time decisions by 2030 appeared first on Help Net Security.
Anamarija Pogorelec