Alireza Gharib Blog

CVE ID : CVE-2024-56205 Published : Dec. 31, 2024, 1:15 p.m. | 1 day, 21 hours ago Description : Incorrect Privilege Assignment vulnerability in AI Magic allows Privilege Escalation.This issue affects AI Magic: from n/a through 1.0.4. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE ID : CVE-2024-56071 Published : Dec. 31, 2024, 1:15 p.m. | 1 day, 21 hours ago Description : Incorrect Privilege Assignment vulnerability in Mike Leembruggen Simple Dashboard allows Privilege Escalation.This issue affects Simple Dashboard: from n/a through 2.0. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and…

CVE ID : CVE-2024-56064 Published : Dec. 31, 2024, 1:15 p.m. | 1 day, 21 hours ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in Azzaroco WP SuperBackup allows Upload a Web Shell to a Web Server.This issue affects WP SuperBackup: from n/a through 2.3.3. Severity: 10.0 | CRITICAL Visit the link for more…

CERT-In Alerts WordPress Users to Critical WPForms Plugin Vulnerability As the world welcomed the New Year, cybersecurity experts had little reason to celebrate. On January 1, 2025, the Indian Computer Emergency Response Team (CERT-In) issued a high-severity alert about a … Read more Published Date: Jan 02, 2025 (2 hours, 56 minutes ago) Vulnerabilities has been mentioned…

Critical PAN-OS Vulnerability Added to CISA’s Exploited List: What You Need to Know The Cybersecurity and Infrastructure Security Agency (CISA) has expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding a newly discovered vulnerability in Palo Alto Networks’ PAN-OS vers … Read more Published Date: Jan 02, 2025 (4 hours, 1 minute ago) Vulnerabilities has been mentioned…

PoC Exploit Released for Zero-Click Vulnerability CVE-2024-49112 in Windows SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed “LDAP Nightmare”. This critical vulnerability, tracked as CVE-2024-49112 … Read more Published Date: Jan 02, 2025 (8 hours, 26 minutes ago) Vulnerabilities has been mentioned in this article. CVE-2024-12108 CVE-2024-49112

CVE-2024-12108 (CVSS 9.6) and Beyond: Progress Issues Critical Patch for WhatsUp Gold Network Monitoring Software Progress Software Corporation, a global provider of products to develop, deploy, and manage high-impact business applications, has issued a critical security bulletin for its WhatsUp Gold network moni … Read more Published Date: Jan 02, 2025 (8 hours, 34 minutes ago) Vulnerabilities…

From Fake Installers to Stolen Credentials: Decoding the LegionLoader Threat TRAC Labs has released an in-depth report on LegionLoader, a sophisticated downloader malware that has evolved significantly since its initial appearance in 2019. The malware, also tracked as Satacom, … Read more Published Date: Jan 02, 2025 (8 hours, 35 minutes ago) Vulnerabilities has been mentioned in…

D-Link Issues Warning on End-of-Life Routers Vulnerable to Botnet Exploits D-Link has issued a critical advisory urging users to retire and replace several legacy router models, including the DIR-645, DIR-806, GO-RT-AC750, and DIR-845, citing their End-of-Life (EOL) and End- … Read more Published Date: Jan 02, 2025 (8 hours, 48 minutes ago) Vulnerabilities has been mentioned in…

CVE-2024-12987 affecting DrayTek Routers CVE-2024-12987 is a critical security vulnerability identified in the DrayTek Vigor2960 and Vigor300B routers, specifically affecting firmware version 1.5.1.4. This vulnerability resides within the We … Read more Published Date: Jan 01, 2025 (1 day ago) Vulnerabilities has been mentioned in this article. CVE-2024-12987