Aggregator
【漏洞通告】Linux内核权限提升漏洞(Dirty Frag)
1 month 1 week ago
阅读: 15通告编号 NS-2026-0012TAG:Linux、kernel、Dirty Frag漏洞危害:攻
Hack for a Change 2026 May: UN SDG 1
1 month 1 week ago
Name: Hack for a Change 2026 May: UN SDG 1 (an Hack for a Change event.)
Date: May 19, 2026, midnight — 21 May 2026, 23:59 UTC [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://www.hackforachange.org/
Rating weight: 24.53
Event organizers: Hack for a Change
Date: May 19, 2026, midnight — 21 May 2026, 23:59 UTC [add to calendar]
Format: Jeopardy
On-line
Offical URL: https://www.hackforachange.org/
Rating weight: 24.53
Event organizers: Hack for a Change
Waymo暂停在高速公路上提供Robotaxi服务
1 month 1 week ago
Waymo 已暂停了在旧金山、洛杉矶、凤凰城和迈阿密的高速公路上的自动驾驶出租车服务,因为其正在努力改善在施工区域的表现。Waymo 表示,公司正在将“最近的技术经验整合到我们的软件中,并预计很快恢复
文档基金会(开源LibreOffice开发商)再次发文抨击微软的OOXML专有格式
1 month 1 week ago
ISC Stormcast For Friday, May 22nd, 2026 https://isc.sans.edu/podcastdetail/9942, (Fri, May 22nd)
1 month 1 week ago
【安全更新】微软5月安全更新多个产品高危漏洞通告
1 month 1 week ago
阅读: 5通告编号 NS-2026-0013TAG:安全更新、Windows、Office、SQL Server、Azure漏洞危害:攻击
【已复现】Linux内核Fragnesia权限提升漏洞(CVE-2026-46300)
1 month 1 week ago
阅读: 18通告编号 NS-2026-0014TAG:Linux、kernel、CVE-2026-46300漏洞危
CVE-2026-43444 | Linux Kernel up to 6.12.77/6.18.18/6.19.8 null pointer dereference
1 month 1 week ago
A vulnerability has been found in Linux Kernel up to 6.12.77/6.18.18/6.19.8 and classified as critical. This vulnerability affects unknown code. Performing a manipulation results in null pointer dereference.
This vulnerability is identified as CVE-2026-43444. The attack can only be performed from the local network. There is not any exploit available.
The affected component should be upgraded.
vuldb.com
CVE-2026-43445 | Linux Kernel up to 6.19.8 Igbvf Driver _tx_map off-by-one
1 month 1 week ago
A vulnerability was found in Linux Kernel up to 6.19.8 and classified as critical. This issue affects the function _tx_map of the component Igbvf Driver. Executing a manipulation can lead to off-by-one.
This vulnerability is tracked as CVE-2026-43445. The attack is only possible within the local network. No exploit exists.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-43443 | Linux Kernel up to 6.19.8 ASoC acp_card_rt5682_init denial of service
1 month 1 week ago
A vulnerability marked as critical has been reported in Linux Kernel up to 6.19.8. This impacts the function acp_card_rt5682_init of the component ASoC. The manipulation leads to denial of service.
This vulnerability is documented as CVE-2026-43443. The attack requires being on the local network. There is not any exploit available.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-43446 | Linux Kernel up to 6.19.8 amdxdna pm_runtime_resume_and_get deadlock
1 month 1 week ago
A vulnerability described as critical has been identified in Linux Kernel up to 6.19.8. Affected is the function pm_runtime_resume_and_get of the component amdxdna. The manipulation results in deadlock.
This vulnerability is reported as CVE-2026-43446. The attacker must have access to the local network to execute the attack. No exploit exists.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-43442 | Linux Kernel up to 6.19.8 io_init_req privilege escalation
1 month 1 week ago
A vulnerability classified as problematic was found in Linux Kernel up to 6.19.8. This issue affects the function io_init_req. Executing a manipulation can lead to privilege escalation.
This vulnerability appears as CVE-2026-43442. The attacker needs to be present on the local network. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-43441 | Linux Kernel up to 6.19.8 inet6_init null pointer dereference (Nessus ID 313450)
1 month 1 week ago
A vulnerability was found in Linux Kernel up to 6.1.166/6.6.129/6.12.77/6.18.18/6.19.8. It has been declared as critical. The affected element is the function inet6_init. The manipulation results in null pointer dereference.
This vulnerability is cataloged as CVE-2026-43441. The attack must originate from the local network. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-43440 | Linux Kernel up to 6.18.18/6.19.8 mana_gd_setup use after free (Nessus ID 313451)
1 month 1 week ago
A vulnerability labeled as critical has been found in Linux Kernel up to 6.18.18/6.19.8. This affects the function mana_gd_setup. Executing a manipulation can lead to use after free.
This vulnerability is registered as CVE-2026-43440. The attack requires access to the local network. No exploit is available.
The affected component should be upgraded.
vuldb.com
【漏洞通告】Nginx远程代码执行漏洞(CVE-2026-42945)
1 month 1 week ago
阅读: 16通告编号 NS-2026-0015TAG:Nginx、ngx_http_rewrite_module、CVE-2026-42945
CISA to allow researchers to report vulnerabilities to exploited bugs catalog
1 month 1 week ago
The federal cybersecurity agency has created a new pathway for people outside of the U.S. governmen
马斯克集团化整合SpaceX、xAI大赚一笔
1 month 1 week ago
马斯克集团化整合SpaceX、xAI大赚一笔周三,就在SpaceX开启历史性的IPO前,该公司提交的监管文件显示,它已从银行获得了一笔 200 亿美元的过桥贷款,这笔资金将被用来偿还马斯克的社交媒体和
CVE-2026-3073 | GitLab Community Edition/Enterprise Edition up to 18.9.6/18.10.5/18.11.2 authorization (Nessus ID 316053)
1 month 1 week ago
A vulnerability classified as problematic was found in GitLab Community Edition and Enterprise Edition up to 18.9.6/18.10.5/18.11.2. This issue affects some unknown processing. Such manipulation leads to authorization bypass.
This vulnerability is listed as CVE-2026-3073. The attack may be performed from remote. There is no available exploit.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-4524 | GitLab Community Edition/Enterprise Edition up to 18.9.6/18.10.5/18.11.2 authentication bypass (Nessus ID 316054)
1 month 1 week ago
A vulnerability was found in GitLab Community Edition and Enterprise Edition up to 18.9.6/18.10.5/18.11.2. It has been declared as critical. Affected is an unknown function. Such manipulation leads to authentication bypass using alternate channel.
This vulnerability is traded as CVE-2026-4524. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com