-
CVE-2024-51442 – Minidlna Command Injection Vulnerability
CVE ID : CVE-2024-51442 Published : Jan. 8, 2025, 6:15 p.m. | 3 hours, 28 minutes ago Description : Command Injection in Minidlna version v1.3.3 and before allows an attacker to execute arbitrary OS commands via a specially crafted minidlna.conf configuration file. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected…
-
CVE-2024-54818 – SourceCodester Computer Laboratory Management System Unauthenticated Remote OS Command Injection
CVE ID : CVE-2024-54818 Published : Jan. 8, 2025, 7:15 p.m. | 2 hours, 28 minutes ago Description : SourceCodester Computer Laboratory Management System 1.0 is vulnerable to Incorrect Access Control. via /php-lms/admin/?page=user/list. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more… Go to Source
-
CVE-2025-22137 – Pingvin Share File Traversal
CVE ID : CVE-2025-22137 Published : Jan. 8, 2025, 4:15 p.m. | 5 hours, 28 minutes ago Description : Pingvin Share is a self-hosted file sharing platform and an alternative for WeTransfer. This vulnerability allows an authenticated or unauthenticated (if anonymous shares are allowed) user to overwrite arbitrary files on the server, including sensitive system files, via…
-
CVE-2024-55517 – Polaris FT Intellect Core Banking SQL Injection
CVE ID : CVE-2024-55517 Published : Jan. 8, 2025, 4:15 p.m. | 5 hours, 28 minutes ago Description : An issue was discovered in the Interllect Core Search in Polaris FT Intellect Core Banking 9.5. Input passed through the groupType parameter in /SCGController is mishandled before being used in SQL queries, allowing SQL injection in an authenticated…
-
CVE-2024-55656 – Redis RedisBloom Probabilistic Data Structures Integer Overflow Information Leak Out-of-Bounds Write
CVE ID : CVE-2024-55656 Published : Jan. 8, 2025, 4:15 p.m. | 5 hours, 28 minutes ago Description : RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker (a redis client which knows the…
-
SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall urges admins to patch exploitable SSLVPN bug immediately SonicWall is emailing customers urging them to upgrade their firewall’s SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is “susceptible to actual ex … Read more Published Date: Jan 08, 2025 (2 hours, 27 minutes ago) Vulnerabilities has been mentioned in this…
-
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. KerioControl is a … Read more Published Date: Jan 08, 2025 (2 hours, 48 minutes ago) Vulnerabilities has been mentioned in this article.…
-
CVE-2025-0282 (CVSS 9.0): Ivanti Confirms Active Exploitation of Critical Flaw
CVE-2025-0282 (CVSS 9.0): Ivanti Confirms Active Exploitation of Critical Flaw Ivanti has issued a security advisory addressing two vulnerabilities in its Connect Secure, Policy Secure, and Neurons for ZTA Gateways. The vulnerabilities—CVE-2025-0282 and CVE-2025-0283—pose signif … Read more Published Date: Jan 08, 2025 (3 hours, 3 minutes ago) Vulnerabilities has been mentioned in this article. Go to…