ARTICLE SEARCH
Threat Feed Query
Search all aggregated security articles by keywords, CVE IDs and sources.
CVE-2024-36401
Currently trending CVE - Hype Score: 11 - GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allo
Threat Actors Gaining Access to Victims’ Machines and Monetizing Access to Their Bandwidth
A stealthy campaign emerged in early March 2025 that capitalized on a critical remote code execution flaw in GeoServer (CVE-2024-36401) to compromise publicly exposed geospatial servers. Attackers exploited JXPath query
CVE-2024-37085
Currently trending CVE - Hype Score: 20 - VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient Active Directory (AD) permissions can gain full access to an ESXi host that was pre
CVE-2024-42057
Currently trending CVE - Hype Score: 20 - A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions from V4.32 through V5.38, USG FLEX series firmware versions from V4.50 through V5
CVE-2024-29847
Currently trending CVE - Hype Score: 15 - Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code
CVE-2025-23061
Currently trending CVE - Hype Score: 14 - Mongoose before 8.9.5 can improperly use a nested $where filter with a populate() match, leading to search injection. NOTE: this issue exists because of an incomplete fix for CVE
CVE-2024-40725
Currently trending CVE - Hype Score: 18 - A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar conf
FortiOS, FortiProxy, and FortiPAM Auth Bypass Vulnerability Allows Attackers to Gain Full Control
A high-severity authentication bypass vulnerability affecting multiple Fortinet security products, including FortiOS, FortiProxy, and FortiPAM systems. The flaw, designated as CVE-2024-26009 with a CVSS score of 7.9, en
CVE-2024-53141
Currently trending CVE - Hype Score: 47 - In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[
CVE-2024-50264
Currently trending CVE - Hype Score: 12 - In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication,
CVE-2024-40766
Currently trending CVE - Hype Score: 22 - An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific condi
CVE-2024-38196
Currently trending CVE - Hype Score: 7 - Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-12695
Currently trending CVE - Hype Score: 7 - Out of bounds write in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chrom
CVE-2024-38018
Currently trending CVE - Hype Score: 15 - Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2024-4947
Currently trending CVE - Hype Score: 18 - Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium s
Sophos fixed two critical Sophos Firewall vulnerabilities
Sophos addressed five Sophos Firewall vulnerabilities that could allow remote attackers to execute arbitrary code. Sophos has fixed five vulnerabilities (CVE-2025-6704, CVE-2025-7624, CVE-2025-7382, CVE-2024-
Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution
Three critical vulnerabilities in the Sophos Intercept X for Windows product family could allow local attackers to achieve arbitrary code execution with system-level privileges. Identified as CVE-2024-1397
CVE-2024-2887
Currently trending CVE - Hype Score: 46 - Type Confusion in WebAssembly in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium securi
CVE-2024-27348
Currently trending CVE - Hype Score: 13 - RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server. This issue affects Apache HugeGraph-Server: from 1.0.0 before 1.3.0 in Java8 & Java11 Us
CVE-2024-34470
Currently trending CVE - Hype Score: 11 - An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The