Vulnerability | Details |
---|---|
Windows Exploits | |
CVE-2023-38831 (WinRAR) | Incorrect handling of objects in an archive, which attackers can exploit. |
CVE-2023-23397 (Outlook) | Allows stealing authentication data from Outlook. |
CVE-2023-36874 (CreateProcess) | An impersonation vulnerability enabling the CreateProcess function to run under the SYSTEM user. |
CVE-2023-36802 (mskssrv.sys Driver) | A UAF (Use-After-Free) vulnerability in the mskssrv.sys driver. |
Microsoft Office (Common Exploits) | |
CVE-2018-0802 | Remote code execution vulnerability in the Equation Editor component of Microsoft Office. |
CVE-2017-11882 | Remote code execution vulnerability in the Equation Editor component. |
CVE-2017-0199 | A Microsoft Office and WordPad vulnerability enabling control over the system. |
CVE-2021-40444 | Remote code execution vulnerability in the MSHTML component of Microsoft Office. |
Linux Exploits | |
CVE-2023-2640 (OverlayFS Kernel) | Allows privileged labels to be applied to files after mounting the file system. |
CVE-2023-22809 (Sudo Utility) | Allows attackers to bypass Sudo restrictions and run commands as any user on the system. |
CVE-2023-4911 (ld.so Buffer Overflow) | Buffer overflow vulnerability in the dynamic loader ld.so. |
CVE-2023-32233 (Netfilter Subsystem) | A UAF vulnerability enabling arbitrary read and write operations in kernel memory. |
CVE-2023-3269 (Kernel Memory Management) | A UAF vulnerability in the kernel memory management system, allowing arbitrary code execution. |
CVE-2023-31248 (nftables) | A UAF vulnerability in the firewall nftables component, which allows attackers to execute arbitrary code. |
Interesting Linux Vulnerabilities | |
CVE-2024-47177 (CUPS Filters) | In the CUPS printing toolkit, a vulnerability allows arbitrary commands to be run in the system shell by exploiting the FoomaticRIPCommandLine component. |
CVE-2024-38112 (MSHTML Spoofing) | Discovered in active attacks in May 2024, enabling code execution through a malicious .url file bypassing Microsoft Edge. |
CVE-2024-6387 (regreSSHion) | SSH authentication vulnerability due to unsafe SIGALRM handling, allowing attackers to compromise the system during SSH authentication. |
CVE-2024-3183 (FreeIPA) | A Kerberos authentication vulnerability enabling attackers to perform a Kerberoasting attack on FreeIPA networks by sniffing ticket encryption data. |
CVE-2024-45519 (Zimbra) | A postjournal service vulnerability allowing OS Command Injection attacks where an attacker can run commands on the target service with elevated privileges. |
CVE-2024-5290 (Ubuntu wpa_supplicant) | Misconfigured RPC interface vulnerability in Ubuntu’s wpa_supplicant, allowing loading of arbitrary shared libraries into process memory through D-Bus interfaces. |
Read full article: https://securelist.com/exploits-and-vulnerabilities-q3-2024/114839/
Disclaimer: The above summary has been generated by an AI language model