ARTIKEL SUCHE

Threat Feed Query

Durchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.

284 Ergebnisse fuer CVE-2024 Seite 10 von 15

CVE-2024-7344

Currently trending CVE - Hype Score: 9 - Howyar UEFI Application "Reloader" (32-bit and 64-bit) is vulnerable to execution of unsigned software in a hardcoded path.

cvemon.intruder.io • 2025-09-14

CVE-2024-44253

Currently trending CVE - Hype Score: 11 - The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of the file system.

cvemon.intruder.io • 2025-09-13

CVE-2024-44196

Currently trending CVE - Hype Score: 11 - A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to modify protected parts of

cvemon.intruder.io • 2025-09-13

New HybridPetya Ransomware Bypasses UEFI Secure Boot With CVE-2024-7344 Exploit

Cybersecurity researchers have discovered a new ransomware strain dubbed HybridPetya that resembles the notorious Petya/NotPetya malware, while also incorporating the ability to bypass the Secure Boot mechanism in Unifie

thehackernews.com • 2025-09-12

Microsoft Patch for Old Flaw Reveals New Kernel Address Leak Vulnerability in Windows 11/Server 2022 24H2

A new kernel address leak vulnerability has been discovered in the latest versions of Windows 11 (24H2) and Windows Server 2022 (24H2). The flaw, identified as CVE-2025-53136, was ironically introduced by a Microsoft pat

cybersecuritynews.com • 2025-09-12

Akira Ransomware exploits year-old SonicWall flaw with multiple vectors

Researchers warn that Akira ransomware group is exploiting a year-old SonicWall firewall flaw, likely using three attack vectors for initial access. The Akira ransomware group is exploiting a year-old SonicWall firewall

securityaffairs.com • 2025-09-11

Akira ransomware exploiting critical SonicWall SSLVPN bug again

The Akira ransomware gang is actively exploiting CVE-2024-40766, a year-old critical-severity access control vulnerability, to gain unauthorized access to SonicWall devices. [...]

bleepingcomputer.com • 2025-09-11

ACSC Warns Of Sonicwall Access Control Vulnerability Actively Exploited In Attacks

The Australian Cyber Security Centre (ACSC) has issued a critical alert regarding a severe access control vulnerability in SonicWall products that is being actively exploited in attacks. The flaw, tracked as CVE-2024-407

cybersecuritynews.com • 2025-09-11

FortiDDoS OS Command Injection Vulnerability Let Attackers Execute Unauthorized Commands

Fortinet has disclosed a medium-severity vulnerability in its FortiDDoS-F product line that could allow a privileged attacker to execute unauthorized commands. Tracked as CVE-2024-45325, the flaw is an OS command injecti

cybersecuritynews.com • 2025-09-09

New Technique Uncovered To Exploit Linux Kernel Use-After-Free Vulnerability

A new technique to exploit a complex use-after-free (UAF) vulnerability in the Linux kernel successfully bypasses modern security mitigations to gain root privileges. The method targets CVE-2024-50264, a difficult-to-exp

cybersecuritynews.com • 2025-09-09

CVE-2024-26169

Currently trending CVE - Hype Score: 6 - Windows Error Reporting Service Elevation of Privilege Vulnerability

cvemon.intruder.io • 2025-09-09

CVE-2024-58240

Currently trending CVE - Hype Score: 6 - In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much

cvemon.intruder.io • 2025-09-08

CVE-2024-7206

Currently trending CVE - Hype Score: 11 - SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware

cvemon.intruder.io • 2025-08-31

CVE-2024-7205

Currently trending CVE - Hype Score: 11 - When the device is shared, the homepage module are before 2.19.0  in eWeLink Cloud Service allows Secondary user to take over devices as primary user via sharing unnecessary devi

cvemon.intruder.io • 2025-08-31

CVE-2024-8440

Currently trending CVE - Hype Score: 7 - The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugi

cvemon.intruder.io • 2025-08-30

CVE-2025-57811

Currently trending CVE - Hype Score: 15 - Craft is a platform for creating digital experiences. From versions 4.0.0-RC1 to 4.16.5 and 5.0.0-RC1 to 5.8.6, there is a potential remote code execution vulnerability via Twig

cvemon.intruder.io • 2025-08-27

CVE-2024-8069

Currently trending CVE - Hype Score: 25 - Limited remote code execution with privilege of a NetworkService Account access in Citrix Session Recording if the attacker is an authenticated user on the same intranet as the s

cvemon.intruder.io • 2025-08-26

CVE-2024-8068

Currently trending CVE - Hype Score: 25 - Privilege escalation to NetworkService Account access in Citrix Session Recording when an attacker is an authenticated user in the same Windows Active Directory domain as the ses

cvemon.intruder.io • 2025-08-26

CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws impacting Citrix Session Recording and Git to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of

thehackernews.com • 2025-08-26

CVE-2024-55415

Currently trending CVE - Hype Score: 8 - DevDojo Voyager through 1.8.0 is vulnerable to path traversal at the /admin/compass.

cvemon.intruder.io • 2025-08-23