PoC Exploit Released for Zero-Click Vulnerability CVE-2024-49112 in Windows SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed “LDAP Nightmare”. This critical vulnerability, tracked as CVE-2024-49112 … Read more Published Date: Jan 02, 2025 (8 hours, 26 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-12108 CVE-2024-49112

Multiple vulnerabilities in CTFd versions <= 3.7.4 Full Disclosure mailing list archives From: Blazej Adamczyk Date: Tue, 24 Dec 2024 12:28:40 +0100 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Multiple vulnerabili … Read more Published Date: Dec 31, 2024 (2 days, 5 hours ago) Vulnerabilities has been mentioned in this article.

Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents Vulnerability / Incident Response The United States Treasury Department said it suffered a “major cybersecurity incident” that allowed suspected Chinese threat actors to remotely access some computers … Read more Published Date: Dec 31, 2024 (2 days, 4 hours ago) Vulnerabilities has been mentioned…

CVE-2024-21182: Oracle WebLogic Server Flaw Exploit Code Released CVE-2024-21182 is a high-severity vulnerability identified in Oracle WebLogic Server. This security flaw affects specific versions of the software, namely Oracle WebLogic Server 12.2.1.4.0 and 14.1.1. … Read more Published Date: Dec 31, 2024 (2 days, 2 hours ago) Vulnerabilities has been mentioned in this article. CVE-2024-56512 CVE-2024-3393 CVE-2024-45387…

Securitybedrijf meldt actief misbruik van lek in industriële routers Four-Faith Aanvallers maken actief misbruik van een kwetsbaarheid in industriële routers van fabrikant Four-Faith en het is onduidelijk of er updates beschikbaar zijn om het probleem te verhelpen, zo meldt secur … Read more Published Date: Dec 31, 2024 (1 day, 22 hours ago) Vulnerabilities has been mentioned…

China’s cyber intrusions took a sinister turn in 2024 The Chinese government’s intrusions into America’s telecommunications and other critical infrastructure networks this year appears to signal a shift from cyberspying as usual to prepping for destructi … Read more Published Date: Dec 31, 2024 (1 day, 22 hours ago) Vulnerabilities has been mentioned in this article. CVE-2024-39717…

IBMi Navigator / CVE-2024-51464 / HTTP Security Token Bypass Full Disclosure mailing list archives IBMi Navigator / CVE-2024-51464 / HTTP Security Token Bypass From: hyp3rlinx Date: Fri, 27 Dec 2024 22:21:21 -0500 [+] Credits: John … Read more Published Date: Dec 31, 2024 (2 days, 5 hours ago) Vulnerabilities has been mentioned in this article. CVE-2024-51464

CVE ID : CVE-2024-12912 Published : Jan. 2, 2025, 9:15 a.m. | 37 minutes ago Description : An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the ’01/02/2025 ASUS Router AiCloud vulnerability’ section on the ASUS Security Advisory for more information. Severity: 7.2 | HIGH Visit…

CVE ID : CVE-2024-13092 Published : Jan. 2, 2025, 9:15 a.m. | 37 minutes ago Description : A vulnerability classified as critical was found in code-projects Job Recruitment 1.0. This vulnerability affects unknown code of the file /_parse/_call_job/search_ajax.php of the component Job Post Handler. The manipulation of the argument n leads to sql injection. The attack…

CVE ID : CVE-2024-13093 Published : Jan. 2, 2025, 9:15 a.m. | 37 minutes ago Description : A vulnerability, which was classified as critical, has been found in code-projects Job Recruitment 1.0. This issue affects some unknown processing of the file /_parse/_call_main_search_ajax.php of the component Seeker Profile Handler. The manipulation of the argument s1 leads to…