Vulnerability Media Exposure

These listed vulnerabilities have been referenced across multiple public sources, indicating high media attention and potential significance.

• CVE-2024-5910

  Severity

  CRITICAL

  Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.

  paloaltonetworks:expedition
  • [ENGLISH] CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that two more flaws impacting the Palo Alto Networks Expedition software have come under active exploitation in the wild. To that end, it has added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the necessary updates

    Published: 2024-11-15T10:34:00+05:30
  • [ENGLISH] PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs and Patch Released

    Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild. To that end, the company said it observed malicious activity originating from below IP addresses and targeting PAN-OS management web interface IP addresses

    Published: 2024-11-16T13:51:00+05:30
  • [ENGLISH] THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17)

    What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization is truly off-limits. Attackers are getting smarter, faster, and more creative—using everything from human trust to hidden flaws in

    Published: 2024-11-18T17:06:00+05:30
  • [ENGLISH] THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10)

    ⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn’t fiction; it’s the new cyber reality. Today’s attackers have become so sophisticated that they’re using our trusted tools as secret pathways,

    Published: 2024-11-11T17:27:00+05:30
  • [ENGLISH] Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns

    Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management interface," the company said. "At this time, we do not know the specifics of the

    Published: 2024-11-09T11:42:00+05:30

• CVE-2024-43451

  Severity

  MEDIUM

  NTLM Hash Disclosure Spoofing Vulnerability

  microsoft:windows_10_1507

  microsoft:windows_10_1607

  microsoft:windows_10_1809

  microsoft:windows_10_21h2

  microsoft:windows_10_22h2

  microsoft:windows_11_22h2

  microsoft:windows_11_23h2

  microsoft:windows_11_24h2

  microsoft:windows_server_2008

  microsoft:windows_server_2012

  microsoft:windows_server_2016

  microsoft:windows_server_2019

  microsoft:windows_server_2022

  microsoft:windows_server_2022_23h2

  microsoft:windows_server_2025
  • [GERMAN]

    Published: 2024-11-13T09:28:00+01:00
  • [GERMAN] Kritische Sicherheitslücken bekannt und unter Angriff

    Am Patchday im November veröffentlicht Microsoft knapp 90 Updates. Darunter sind fünf Schwachstellen öffentlich bekannt und/oder bereits unter Angriff. Dazu kommen Sicherheitslücken mit CVSS von 9.8. Es gibt für Admins daher einiges zu tun.

    Published: 2024-11-13T09:00:00+01:00
  • [ENGLISH] Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

    Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in

    Published: 2024-11-13T12:44:00+05:30
  • [ENGLISH] Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails

    A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine. The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user's NTLMv2 hash. It was patched by Microsoft earlier this

    Published: 2024-11-14T11:13:00+05:30
  • [ENGLISH] THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17)

    What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization is truly off-limits. Attackers are getting smarter, faster, and more creative—using everything from human trust to hidden flaws in

    Published: 2024-11-18T17:06:00+05:30

• CVE-2024-9465

  Severity

  CRITICAL

  An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.

  paloaltonetworks:expedition
  • [GERMAN] CISA warnt vor Angriffen auf Palo-Alto-Software

    Erst vergangene Woche warnte die CISA vor einer angegriffenen Sicherheitslücke in Palo Altos Expedition, jetzt stehen weitere Lecks unter Beschuss.

    Published: 2024-11-15T10:18:00+01:00
  • [ENGLISH] CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that two more flaws impacting the Palo Alto Networks Expedition software have come under active exploitation in the wild. To that end, it has added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the necessary updates

    Published: 2024-11-15T10:34:00+05:30
  • [ENGLISH] PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs and Patch Released

    Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild. To that end, the company said it observed malicious activity originating from below IP addresses and targeting PAN-OS management web interface IP addresses

    Published: 2024-11-16T13:51:00+05:30
  • [ENGLISH] THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17)

    What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization is truly off-limits. Attackers are getting smarter, faster, and more creative—using everything from human trust to hidden flaws in

    Published: 2024-11-18T17:06:00+05:30
  • [GERMAN] Palo Alto stopft fünf kritische Sicherheitslücken

    In Palo Alto Networks Migrationstool Expedition gibt es fünf schwerwiegende Sicherheitslücken. Diese führen dazu, dass erfolgreiche Angreifer Zugriff auf sensible Informationen von Firewalls erhalten, die das Betriebssystem PAN-OS nutzen.

    Published: 2024-11-19T07:00:00+01:00

• CVE-2024-9463

  Severity

  HIGH

  An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

  paloaltonetworks:expedition
  • [GERMAN] CISA warnt vor Angriffen auf Palo-Alto-Software

    Erst vergangene Woche warnte die CISA vor einer angegriffenen Sicherheitslücke in Palo Altos Expedition, jetzt stehen weitere Lecks unter Beschuss.

    Published: 2024-11-15T10:18:00+01:00
  • [ENGLISH] CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed

    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that two more flaws impacting the Palo Alto Networks Expedition software have come under active exploitation in the wild. To that end, it has added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to apply the necessary updates

    Published: 2024-11-15T10:34:00+05:30
  • [ENGLISH] PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs and Patch Released

    Palo Alto Networks has released new indicators of compromise (IoCs) a day after the network security vendor confirmed that a zero-day vulnerability impacting its PAN-OS firewall management interface has been actively exploited in the wild. To that end, the company said it observed malicious activity originating from below IP addresses and targeting PAN-OS management web interface IP addresses

    Published: 2024-11-16T13:51:00+05:30
  • [ENGLISH] THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17)

    What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization is truly off-limits. Attackers are getting smarter, faster, and more creative—using everything from human trust to hidden flaws in

    Published: 2024-11-18T17:06:00+05:30
  • [GERMAN] Palo Alto stopft fünf kritische Sicherheitslücken

    In Palo Alto Networks Migrationstool Expedition gibt es fünf schwerwiegende Sicherheitslücken. Diese führen dazu, dass erfolgreiche Angreifer Zugriff auf sensible Informationen von Firewalls erhalten, die das Betriebssystem PAN-OS nutzen.

    Published: 2024-11-19T07:00:00+01:00

• CVE-2024-49039

  Severity

  HIGH

  Windows Task Scheduler Elevation of Privilege Vulnerability

  microsoft:windows_10_1507

  microsoft:windows_10_1607

  microsoft:windows_10_1809

  microsoft:windows_10_21h2

  microsoft:windows_10_22h2

  microsoft:windows_11_22h2

  microsoft:windows_11_23h2

  microsoft:windows_11_24h2

  microsoft:windows_server_2016

  microsoft:windows_server_2019

  microsoft:windows_server_2022

  microsoft:windows_server_2022_23h2

  microsoft:windows_server_2025
  • [GERMAN]

    Published: 2024-11-13T09:28:00+01:00
  • [GERMAN] Kritische Sicherheitslücken bekannt und unter Angriff

    Am Patchday im November veröffentlicht Microsoft knapp 90 Updates. Darunter sind fünf Schwachstellen öffentlich bekannt und/oder bereits unter Angriff. Dazu kommen Sicherheitslücken mit CVSS von 9.8. Es gibt für Admins daher einiges zu tun.

    Published: 2024-11-13T09:00:00+01:00
  • [ENGLISH] Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

    Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in

    Published: 2024-11-13T12:44:00+05:30
  • [ENGLISH] THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17)

    What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization is truly off-limits. Attackers are getting smarter, faster, and more creative—using everything from human trust to hidden flaws in

    Published: 2024-11-18T17:06:00+05:30

• CVE-2024-43639

  Severity

  CRITICAL

  Windows KDC Proxy Remote Code Execution Vulnerability

  microsoft:windows_server_2012

  microsoft:windows_server_2016

  microsoft:windows_server_2019

  microsoft:windows_server_2022

  microsoft:windows_server_2022_23h2

  microsoft:windows_server_2025
  • [GERMAN] Kritische Sicherheitslücken bekannt und unter Angriff

    Am Patchday im November veröffentlicht Microsoft knapp 90 Updates. Darunter sind fünf Schwachstellen öffentlich bekannt und/oder bereits unter Angriff. Dazu kommen Sicherheitslücken mit CVSS von 9.8. Es gibt für Admins daher einiges zu tun.

    Published: 2024-11-13T09:00:00+01:00
  • [ENGLISH] Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

    Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in

    Published: 2024-11-13T12:44:00+05:30
  • [GERMAN] Dringend patchen: Kritische Kerberos-Lücke gefährdet Windows-Server-Systeme

    Die Lücke betrifft alle Windows-Server-Versionen ab 2012 aufwärts und erlaubt es Angreifern, aus der Ferne Schadcode einzuschleusen und auszuführen. (<a href="https://www.golem.de/specials/sicherheitsluecke/">Sicherheitslücke</a>, <a href="https://www.golem.de/specials/microsoft/">Microsoft</a>) <img alt="" height="1" src="https://cpx.golem.de/cpx.php?class=17&amp;aid=190766&amp;page=1&amp;ts=1731580143" width="1" />

    Published: 2024-11-14T11:29:09+01:00

• CVE-2024-43093

  Severity

  HIGH

  In shouldHideDocument of ExternalStorageProvider.java, there is a possible bypass of a file path filter designed to prevent access to sensitive directories due to incorrect unicode normalization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

  google:android
  • [GERMAN] Erneuter Fehler in Googles Android-Framework

    Bereits im Juni wurde eine schwerwiegende Sicherheitslücke im Android-Framework entdeckt. Nun warnt Google erneut: Vor CVE-2024-43093, einer Schwachstelle, die zu einer gefährlichen Rechteausweitung führen könnte.

    Published: 2024-11-15T07:00:00+01:00
  • [ENGLISH] THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10)

    ⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn’t fiction; it’s the new cyber reality. Today’s attackers have become so sophisticated that they’re using our trusted tools as secret pathways,

    Published: 2024-11-11T17:27:00+05:30

• CVE-2024-38812

  Severity

  CRITICAL

  The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.

  vmware:vcenter_server
  • [GERMAN] Lücken in FortiClient, Kemp Loadmaster, PAN-OS und VMware vCenter attackiert

    Kriminelle attackieren aktuell teils ungepatchte Sicherheitslücken in FortiClient, Kemp Loadmaster, PAN-OS und VMware vCenter.

    Published: 2024-11-19T09:51:00+01:00
  • [ENGLISH] Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation

    Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Known Exploited Vulnerabilities (KEV) catalog. It was

    Published: 2024-11-19T12:01:00+05:30

• CVE-2024-38813

  Severity

  CRITICAL

  The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet.

  vmware:vcenter_server
  • [GERMAN] Lücken in FortiClient, Kemp Loadmaster, PAN-OS und VMware vCenter attackiert

    Kriminelle attackieren aktuell teils ungepatchte Sicherheitslücken in FortiClient, Kemp Loadmaster, PAN-OS und VMware vCenter.

    Published: 2024-11-19T09:51:00+01:00
  • [ENGLISH] Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation

    Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Known Exploited Vulnerabilities (KEV) catalog. It was

    Published: 2024-11-19T12:01:00+05:30

• CVE-2024-49019

  Severity

  HIGH

  Active Directory Certificate Services Elevation of Privilege Vulnerability

  microsoft:windows_server_2008

  microsoft:windows_server_2012

  microsoft:windows_server_2016

  microsoft:windows_server_2019

  microsoft:windows_server_2022

  microsoft:windows_server_2022_23h2

  microsoft:windows_server_2025
  • [GERMAN]

    Published: 2024-11-13T09:28:00+01:00
  • [ENGLISH] Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

    Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in

    Published: 2024-11-13T12:44:00+05:30

• CVE-2024-7965

  Severity

  HIGH

  Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  google:chrome

  microsoft:edge_chromium
  • [GERMAN] Remote-Code-Ausführung in SharePoint möglich

    Eine kritische Sicherheitslücke in SharePoint ermöglicht Remote-Code-Ausführung. Die Schwachstelle geht auf eine unsichere Deserialisierung von Daten zurück, die unbefugten Zugriff über ein Netzwerkangriffsszenario eröffnet.

    Published: 2024-11-15T16:00:00+01:00

• CVE-2024-9464

  Severity

  MEDIUM

  An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

  paloaltonetworks:expedition
  • [GERMAN] Palo Alto stopft fünf kritische Sicherheitslücken

    In Palo Alto Networks Migrationstool Expedition gibt es fünf schwerwiegende Sicherheitslücken. Diese führen dazu, dass erfolgreiche Angreifer Zugriff auf sensible Informationen von Firewalls erhalten, die das Betriebssystem PAN-OS nutzen.

    Published: 2024-11-19T07:00:00+01:00

• CVE-2024-9466

  Severity

  MEDIUM

  A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.

  paloaltonetworks:expedition
  • [GERMAN] Palo Alto stopft fünf kritische Sicherheitslücken

    In Palo Alto Networks Migrationstool Expedition gibt es fünf schwerwiegende Sicherheitslücken. Diese führen dazu, dass erfolgreiche Angreifer Zugriff auf sensible Informationen von Firewalls erhalten, die das Betriebssystem PAN-OS nutzen.

    Published: 2024-11-19T07:00:00+01:00

• CVE-2024-9467

  Severity

  MEDIUM

  A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.

  paloaltonetworks:expedition
  • [GERMAN] Palo Alto stopft fünf kritische Sicherheitslücken

    In Palo Alto Networks Migrationstool Expedition gibt es fünf schwerwiegende Sicherheitslücken. Diese führen dazu, dass erfolgreiche Angreifer Zugriff auf sensible Informationen von Firewalls erhalten, die das Betriebssystem PAN-OS nutzen.

    Published: 2024-11-19T07:00:00+01:00

• CVE-2024-40711

  Severity

  CRITICAL

  A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).

  veeam:veeam_backup_\&_replication
  • [ENGLISH] Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation

    Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Known Exploited Vulnerabilities (KEV) catalog. It was

    Published: 2024-11-19T12:01:00+05:30

• CVE-2024-7474

  Severity

  HIGH

  In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability exists. A user can view or delete external users by manipulating the 'id' parameter in the request URL. The application does not perform adequate checks on the 'id' parameter, allowing unauthorized access to external user data.

  lunary:lunary
  • [GERMAN] Schwere Sicherheitslücken in KI-Sprachmodellen

    Large Language Models erfreuen sich in Unternehmen an wachsender Beliebtheit, da sie Routineaufgaben übernehmen können. Doch in einigen Open Source Tools fanden Teilnehmende des Bug-Bounty-Programms von Protect AI teils kritische Sicherheitslücken.

    Published: 2024-11-19T16:00:00+01:00

• CVE-2024-7475

  Severity

  CRITICAL

  An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to update the SAML configuration without authorization. This vulnerability can lead to manipulation of authentication processes, fraudulent login requests, and theft of user information. Appropriate access controls should be implemented to ensure that the SAML configuration can only be updated by authorized users.

  lunary:lunary
  • [GERMAN] Schwere Sicherheitslücken in KI-Sprachmodellen

    Large Language Models erfreuen sich in Unternehmen an wachsender Beliebtheit, da sie Routineaufgaben übernehmen können. Doch in einigen Open Source Tools fanden Teilnehmende des Bug-Bounty-Programms von Protect AI teils kritische Sicherheitslücken.

    Published: 2024-11-19T16:00:00+01:00

• CVE-2024-7473

  Severity

  MEDIUM

  An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in lunary-ai/lunary versions 1.3.2. This vulnerability allows an authenticated user to update other users' prompts by manipulating the 'id' parameter in the request. The issue is fixed in version 1.4.3.

  lunary:lunary
  • [GERMAN] Schwere Sicherheitslücken in KI-Sprachmodellen

    Large Language Models erfreuen sich in Unternehmen an wachsender Beliebtheit, da sie Routineaufgaben übernehmen können. Doch in einigen Open Source Tools fanden Teilnehmende des Bug-Bounty-Programms von Protect AI teils kritische Sicherheitslücken.

    Published: 2024-11-19T16:00:00+01:00

• CVE-2024-5982

  Severity

  CRITICAL

  A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitized input handling in multiple features, including user upload, directory creation, and template loading. Specifically, the load_chat_history function in modules/models/base_model.py allows arbitrary file uploads, potentially leading to remote code execution (RCE). The get_history_names function in utils.py permits arbitrary directory creation. Additionally, the load_template function in utils.py can be exploited to leak the first column of CSV files. These issues stem from improper sanitization of user inputs concatenated with directory paths using os.path.join.

  gaizhenbiao:chuanhuchatgpt
  • [GERMAN] Schwere Sicherheitslücken in KI-Sprachmodellen

    Large Language Models erfreuen sich in Unternehmen an wachsender Beliebtheit, da sie Routineaufgaben übernehmen können. Doch in einigen Open Source Tools fanden Teilnehmende des Bug-Bounty-Programms von Protect AI teils kritische Sicherheitslücken.

    Published: 2024-11-19T16:00:00+01:00

• CVE-2024-7010

  Severity

  MEDIUM

  mudler/localai version 2.17.1 is vulnerable to a Timing Attack. This type of side-channel attack allows an attacker to compromise the cryptosystem by analyzing the time taken to execute cryptographic algorithms. Specifically, in the context of password handling, an attacker can determine valid login credentials based on the server's response time, potentially leading to unauthorized access.

  mudler:localai
  • [GERMAN] Schwere Sicherheitslücken in KI-Sprachmodellen

    Large Language Models erfreuen sich in Unternehmen an wachsender Beliebtheit, da sie Routineaufgaben übernehmen können. Doch in einigen Open Source Tools fanden Teilnehmende des Bug-Bounty-Programms von Protect AI teils kritische Sicherheitslücken.

    Published: 2024-11-19T16:00:00+01:00

• CVE-2024-40766

  Severity

  CRITICAL

  An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. This issue affects SonicWall Firewall Gen 5 and Gen 6 devices, as well as Gen 7 devices running SonicOS 7.0.1-5035 and older versions.

  sonicwall:sonicos
  • [ENGLISH] New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

    Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir ransomware introduces a unique combination of technical features and tactics that enhance its effectiveness," Russian cybersecurity vendor Kaspersky said. "Threat actors leveraged an unconventional blend

    Published: 2024-11-12T11:30:00+05:30

• CVE-2024-45189

  Severity

  MEDIUM

  Mage AI allows remote users with the "Viewer" role to leak arbitrary files from the Mage server due to a path traversal in the "Git Content" request

  mage:mage-ai
  • [ENGLISH] Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

    Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an analysis published last week. The server-side weaknesses "allow attackers to hijack important servers in the

    Published: 2024-11-11T15:41:00+05:30

• CVE-2024-7971

  Severity

  HIGH

  Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  google:chrome
  • [GERMAN] Remote-Code-Ausführung in SharePoint möglich

    Eine kritische Sicherheitslücke in SharePoint ermöglicht Remote-Code-Ausführung. Die Schwachstelle geht auf eine unsichere Deserialisierung von Daten zurück, die unbefugten Zugriff über ein Netzwerkangriffsszenario eröffnet.

    Published: 2024-11-15T16:00:00+01:00

• CVE-2024-38094

  Severity

  HIGH

  Microsoft SharePoint Remote Code Execution Vulnerability

  microsoft:sharepoint_server
  • [GERMAN] Remote-Code-Ausführung in SharePoint möglich

    Eine kritische Sicherheitslücke in SharePoint ermöglicht Remote-Code-Ausführung. Die Schwachstelle geht auf eine unsichere Deserialisierung von Daten zurück, die unbefugten Zugriff über ein Netzwerkangriffsszenario eröffnet.

    Published: 2024-11-15T16:00:00+01:00

• CVE-2024-32896

  Severity

  HIGH

  there is a possible way to bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

  google:android
  • [GERMAN] Erneuter Fehler in Googles Android-Framework

    Bereits im Juni wurde eine schwerwiegende Sicherheitslücke im Android-Framework entdeckt. Nun warnt Google erneut: Vor CVE-2024-43093, einer Schwachstelle, die zu einer gefährlichen Rechteausweitung führen könnte.

    Published: 2024-11-15T07:00:00+01:00

• CVE-2024-43047

  Severity

  HIGH

  Memory corruption while maintaining memory maps of HLOS memory.

  qualcomm:fastconnect_6700_firmware

  qualcomm:fastconnect_6800_firmware

  qualcomm:fastconnect_6900_firmware

  qualcomm:fastconnect_7800_firmware

  qualcomm:qam8295p_firmware

  qualcomm:qca6174a_firmware

  qualcomm:qca6391_firmware

  qualcomm:qca6426_firmware

  qualcomm:qca6436_firmware

  qualcomm:qca6574au_firmware

  qualcomm:qca6584au_firmware

  qualcomm:qca6595_firmware

  qualcomm:qca6595au_firmware

  qualcomm:qca6688aq_firmware

  qualcomm:qca6696_firmware

  qualcomm:qca6698aq_firmware

  qualcomm:qcs410_firmware

  qualcomm:qcs610_firmware

  qualcomm:qcs6490_firmware

  qualcomm:video_collaboration_vc1_firmware

  qualcomm:video_collaboration_vc3_firmware

  qualcomm:sa4150p_firmware

  qualcomm:sa4155p_firmware

  qualcomm:sa6145p_firmware

  qualcomm:sa6150p_firmware

  qualcomm:sa6155p_firmware

  qualcomm:sa8145p_firmware

  qualcomm:sa8150p_firmware

  qualcomm:sa8155p_firmware

  qualcomm:sa8195p_firmware

  qualcomm:sa8295p_firmware

  qualcomm:sd660_firmware

  qualcomm:sd865_5g_firmware

  qualcomm:sg4150p_firmware

  qualcomm:snapdragon_660_mobile_firmware

  qualcomm:snapdragon_680_4g_mobile_firmware

  qualcomm:snapdragon_685_4g_mobile_firmware

  qualcomm:snapdragon_8_gen_1_mobile_firmware

  qualcomm:snapdragon_865_5g_mobile_firmware

  qualcomm:snapdragon_865\+_5g_mobile_firmware

  qualcomm:snapdragon_870_5g_mobile_firmware

  qualcomm:snapdragon_888_5g_mobile_firmware

  qualcomm:snapdragon_888\+_5g_mobile_firmware

  qualcomm:snapdragon_auto_5g_modem-rf_firmware

  qualcomm:snapdragon_auto_5g_modem-rf_gen_2_firmware

  qualcomm:snapdragon_x55_5g_modem-rf_firmware

  qualcomm:snapdragon_xr2_5g_firmware

  qualcomm:sw5100_firmware

  qualcomm:sw5100p_firmware

  qualcomm:sxr2130_firmware

  qualcomm:wcd9335_firmware

  qualcomm:wcd9341_firmware

  qualcomm:wcd9370_firmware

  qualcomm:wcd9375_firmware

  qualcomm:wcd9380_firmware

  qualcomm:wcd9385_firmware

  qualcomm:wcn3950_firmware

  qualcomm:wcn3980_firmware

  qualcomm:wcn3988_firmware

  qualcomm:wcn3990_firmware

  qualcomm:wsa8810_firmware

  qualcomm:wsa8815_firmware

  qualcomm:wsa8830_firmware

  qualcomm:wsa8835_firmware
  • [GERMAN] Erneuter Fehler in Googles Android-Framework

    Bereits im Juni wurde eine schwerwiegende Sicherheitslücke im Android-Framework entdeckt. Nun warnt Google erneut: Vor CVE-2024-43093, einer Schwachstelle, die zu einer gefährlichen Rechteausweitung führen könnte.

    Published: 2024-11-15T07:00:00+01:00

• CVE-2024-36513

  Severity

  HIGH

  A privilege context switching error vulnerability [CWE-270] in FortiClient Windows version 7.2.4 and below, version 7.0.12 and below, 6.4 all versions may allow an authenticated user to escalate their privileges via lua auto patch scripts.

  fortinet:forticlient
  • [GERMAN] Fortinet stopft Sicherheitslecks in FortiOS, FortiAnalyzer und FortiClient

    Sicherheitslücken in FortiClient für Windows, FortiAnalyzer und FortiOS machen die Systeme anfällig für Angriffe. Updates stehen bereit.

    Published: 2024-11-13T14:00:00+01:00

• CVE-2024-43602

  Severity

  CRITICAL

  Azure CycleCloud Remote Code Execution Vulnerability

  microsoft:azure_cyclecloud
  • [ENGLISH] Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

    Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in

    Published: 2024-11-13T12:44:00+05:30

• CVE-2024-38021

  Severity

  HIGH

  Microsoft Outlook Remote Code Execution Vulnerability

  microsoft:365_apps
  • [ENGLISH] Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

    Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in

    Published: 2024-11-13T12:44:00+05:30

• CVE-2024-21410

  Severity

  CRITICAL

  Microsoft Exchange Server Elevation of Privilege Vulnerability

  microsoft:exchange_server
  • [ENGLISH] Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

    Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024. Of the 90 flaws, four are rated Critical, 85 are rated Important, and one is rated Moderate in

    Published: 2024-11-13T12:44:00+05:30

• CVE-2024-49040

  Severity

  HIGH

  Microsoft Exchange Server Spoofing Vulnerability

  microsoft:exchange_server
  • [GERMAN]

    Published: 2024-11-13T09:28:00+01:00

• CVE-2024-49514

  Severity

  HIGH

  Photoshop Desktop versions 24.7.3, 25.11 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

  adobe:photoshop
  • [GERMAN] Patchday Adobe: Schadcode-Attacken auf After Effects & Co. möglich

    Verschiedene Anwendungen von Adobe sind verwundbar. Sicherheitsupdates schließen mehrere Lücken.

    Published: 2024-11-13T10:14:00+01:00

• CVE-2024-47441

  Severity

  HIGH

  After Effects versions 23.6.9, 24.6.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

  adobe:after_effects
  • [GERMAN] Patchday Adobe: Schadcode-Attacken auf After Effects & Co. möglich

    Verschiedene Anwendungen von Adobe sind verwundbar. Sicherheitsupdates schließen mehrere Lücken.

    Published: 2024-11-13T10:14:00+01:00

• CVE-2024-50329

  Severity

  HIGH

  Path traversal in Ivanti Endpoint Manager before 2024 November Security Update or 2022 SU6 November Security Update allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required.

  ivanti:endpoint_manager
  • [GERMAN] Ivanti patcht Endpoint Manager, Avalanche, VPN- und NAC-Software

    Ivanti bessert zahlreiche, teils kritische Sicherheitslücken in diversen Produkten aus. IT-Verantwortliche sollten aktiv werden.

    Published: 2024-11-13T11:35:00+01:00

• CVE-2024-11007

  Severity

  HIGH

  Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution.

  ivanti:connect_secure

  ivanti:policy_secure
  • [GERMAN] Ivanti patcht Endpoint Manager, Avalanche, VPN- und NAC-Software

    Ivanti bessert zahlreiche, teils kritische Sicherheitslücken in diversen Produkten aus. IT-Verantwortliche sollten aktiv werden.

    Published: 2024-11-13T11:35:00+01:00