New VVS Stealer Malware Targets Discord Users via Fake System Errors

Palo Alto Networks’ new report reveals VVS Stealer uses Discord Injection and fake error messages to steal tokens and MFA codes. Protect your account from this new Python-based threat...

CVE-2025-40303

CVE-2025-40303 is a Linux kernel btrfs issue resolved by ensuring no dirty metadata is written back when the filesystem is in an error state. The root cause was that, after an error is detected, some metadata modifications remained in the btrie inode page cache and could be written back during ip...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient negative file size checking, which could lead to file system errors...

CVE-2024-58094

In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before truncation in jfstruncatenolock Added a check for "read-only" mode in the jfstruncatenolock function to avoid errors related to writing to a read-only filesystem. Call stack: blockwritebegin...

Linux Distros Unpatched Vulnerability : CVE-2022-49335

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. Submitting a cs with 0 chunks, causes an oops later, found trying to execute the wrong userspace...

CVE-2022-49670

In the Linux kernel, the following vulnerability has been resolved: linux/dim: Fix divide by 0 in RDMA DIM Fix a divide 0 error in rdmadimstatscompare when prev-cperatio == 0. CallTrace: Hardware name: H3C R4900 G3/RS33M2C9S, BIOS 2.00.37P21 03/12/2020 task: ffff880194b78000 task.stack:...

CVE-2024-40943

CVE-2024-40943 arises from a race in OCFS2 where hole punching and AIO/DIO co-exist, allowing an unwritten extent to be removed during I/O. The Linux kernel fix adds synchronization to wait for outstanding direct I/O before fallocate/punch_hole, preventing inconsistent extent state and potential ...

CVE-2021-47268 usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port A pending hrtimer may expire after the kthreadworker of tcpm port is destroyed, see below kernel dump when do module unload, fix it by cancel the 2...

CVE-2023-7236 Backup Bolt <= 1.3.0 - Sensitive Data Exposure

The Backup Bolt WordPress plugin through 1.3.0 is vulnerable to Information Exposure via the unprotected access of debug logs. This makes it possible for unauthenticated attackers to retrieve the debug log which may contain information like system errors which could contain sensitive information...

Kernel update: Virtuozzo ReadyKernel patch 131.0 for Virtuozzo Hybrid Server 7.0

The cumulative Virtuozzo ReadyKernel patch was updated with a stability fix. The patch applies to the kernels 3.10.0-1062.4.2.vz7.116.7 Virtuozzo Hybrid Server 7.0.12 HF1, 3.10.0-1062.12.1.vz7.131.10 Virtuozzo Hybrid Server 7.0.13, 3.10.0-1127.8.2.vz7.151.14 Virtuozzo Hybrid Server 7.0.14,...

CVE-2018-12266

system\errors\404.php in HongCMS 3.0.0 has XSS via crafted input that triggers a 404 HTTP status code...

Intel Halts Spectre/Meltdown Patching for Broadwell and Haswell Systems

Intel is advising OEMs and partners to halt patching for the Spectre and Meltdown vulnerabilities amid numerous reports the updates are causing reboot issues on systems running the Broadwell and Haswell microprocessors. “We recommend that OEMs, cloud service providers, system manufacturers,...

Huawei UAP2105 Command Injection Vulnerability

The Huawei UAP2105 is a home-based WCDMA wireless network access device. The Huawei UAP2105 suffers from a command injection vulnerability that allows local attackers to execute VxWorks debugging commands via a serial port access shell to view and modify memory and files, resulting in information...

Alpha Black Zero <= 1.04 Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ========================================================= Alpha Black Zero include include ifdef WIN32 include include include void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case 10009: err...

Unixware 7.1.1 rtpm

$ uname -a UnixWare paris 5 7.1.1 i386 x86at SCO UNIXSVR5 this is a two node NSC $ id uid=101fixxxer gid=1other $ ls -al /usr/sbin/rtpm -r-xr-sr-x 1 bin sys 288324 Mar 22 22:35 /usr/sbin/rtpm $ export TERM=perl -e 'printf "B"x4800' $ rtpm Memory fault $ bash Memory faultcoredump $ vi Memory...