CVE ID : CVE-2024-56414 Published : Jan. 2, 2025, 4:15 p.m. | 3 hours, 19 minutes ago Description : Web installer integrity check used weak hash algorithm. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline,…

CVE ID : CVE-2024-56413 Published : Jan. 2, 2025, 4:15 p.m. | 3 hours, 19 minutes ago Description : Missing session invalidation after user deletion. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. Severity: 6.1 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more……

CVE ID : CVE-2024-55543 Published : Jan. 2, 2025, 4:15 p.m. | 3 hours, 20 minutes ago Description : Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169. Severity: 7.3 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline,…

A vulnerability has been discovered in Apache Struts2, which could allow for remote code execution. Apache Struts2 is an open-source web application framework used for developing Java web applications. Successful exploitation of this vulnerability could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the…

Multiple Vulnerabilities have been discovered in Sophos Firewall, the most severe of which could allow for remote code execution. Sophos Firewall is a network security solution. Successful exploitation of the most severe of these vulnerabilities could allow for unauthorized access on the system. Depending on the privileges associated with the system, an attacker could then;…

A vulnerability has been discovered in multiple Cleo products that could allow for remote code execution. Cleo’s LexiCom, VLTransfer, and Harmony is software that is commonly used to manage file transfers. Successful exploitation of this vulnerability could allow for remote code execution in the context of the system. Depending on the privileges associated with the…

Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install…

Multiple vulnerabilities have been discovered in Ivanti Cloud Services Application (CSA), the most severe of which could allow for remote code execution. Ivanti Endpoint Manager is a client-based unified endpoint management software. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the system. Depending on…

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install…

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose…