Exploits and vulnerabilities in Q3 2024

Windows Exploits. CVE-2023-38831 (WinRAR): Incorrect handling of objects in an archive, allowing…

Veeam Service Provider Console (VSPC) Users Urged to Patch CVE-2024-42448 and CVE-2024-42449

Threat Actors: Potential exploitation by threat actors leveraging RCE and privilege escalation vulnerabilities. Campaign Overview: Veeam released patches…

Old Cisco ASA Vulnerability (CVE-2014-2120) Fuels Androxgh0st Botnet Activity

Threat Actors: Androxgh0st botnet, leveraging Mozi botnet payloads. Campaign Overview: Exploitation of decade-old CVE-2014-2120 in Cisco ASA, alongside…

Bootkitty: Analyzing the first UEFI bootkit for Linux

Threat Actors: Bootkitty creators (unknown); proof-of-concept UEFI bootkit targeting Linux. Campaign Overview: First UEFI bootkit targeting Linux systems,…

CosmicSting: A Critical XXE Vulnerability in Adobe Commerce and Magento (CVE-2024-34102)

Threat Actors: Not explicitly mentioned. Campaign Overview: Exploits "CosmicSting" vulnerability (CVE-2024-34102) in Adobe Commerce and Magento, targeting e-commerce…

Critical QNAP Vulnerabilities in Notes Station 3 and QuRouter Demand Immediate Patching (CVE-2024-38645, CVE-2024-38643, CVE-2024-48860)

Products Affected: Notes Station 3 (v3.9.x), QuRouter (v2.4.x and earlier), QuLog Center, AI Core, QTS, QuTS…

Finding vulnerabilities in ClipSp, the driver at the core of Windows’ Client License Platform

Threat Actors: Not explicitly mentioned. Campaign Overview: Research on vulnerabilities in the ClipSp driver, which implements client licensing…

Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 22)

Threat Actors: Unnamed actors exploiting CVE-2024-0012 and CVE-2024-9474; activity includes manual/automated scans, web shells, and C2…

November 2024 Patch Tuesday: Four Critical and Three Zero-Days Among 158 Vulnerabilities Patched

Total Vulnerabilities: 158 vulnerabilities. Critical Vulnerabilities: CVE-2024-43625, CVE-2024-49056, CVE-2024-43498, CVE-2024-43639. Fully Mitigated Vulnerability…

NVIDIA shader out-of-bounds and eleven LevelOne router vulnerabilities

Threat Actors: Not specified. Campaign Overview: Discovery of five Nvidia out-of-bounds access vulnerabilities…