ARTICLE SEARCH
Threat Feed Query: Search all aggregated security articles by keywords, CVE IDs and sources.
CVE-2026-41409 - Apache MINA: CWE-502 Deserialization of Untrusted Data
CVE ID: CVE-2026-41409 Published: April 27, 2026, 9:20 a.m. | 53 minutes ago Description: The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete. The classname allowlist of classes a
CVE-2024-57728
Currently trending CVE - Hype Score: 4 - SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip). This
CVE-2024-57726
Currently trending CVE - Hype Score: 3 - SimpleHelp remote support software v5.5.7 and before has a vulnerability that allows low-privileges technicians to create API keys with excessive permissions. These API keys can b
CVE-2024-27199
Currently trending CVE - Hype Score: 2 - In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
Hackers Use CVE-2024-3721 to Infect TBK DVRs With Nexcorium DDoS Malware
A newly identified botnet campaign is actively exploiting a critical flaw in TBK digital video recorders to deploy a dangerous piece of malware known as Nexcorium, a Mirai-based threat built to launch large-scale distrib
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end‑of‑life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto
CVE-2024-53412 - NietThijmen ShoppingCart Command Injection Vulnerability
CVE ID: CVE-2024-53412 Published: April 15, 2026, 3:16 p.m. | 3 hours, 24 minutes ago Description: Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrar
CVE-2024-32114
Currently trending CVE - Hype Score: 2 - In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context (where the Jolokia JMX REST API and the Message REST API are located). It means that anyone ca
CVE-2024-52012
Currently trending CVE - Hype Score: 2 - Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in th
CVE-2026-39860 - Nix sandbox escape: file write via symlink at FOD `.tmp` copy destination
CVE ID: CVE-2026-39860 Published: April 8, 2026, 9:17 p.m. | 1 hour, 21 minutes ago Description: Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary
Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access
A high-severity security vulnerability has been disclosed in Docker Engine that could permit an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The vulnerability, tracked as CVE-2026-34040
CVE-2024-14032 - Twitch Studio LauncherHelper XPC Missing Authorization to Root File Write
CVE ID: CVE-2024-14032 Published: April 6, 2026, 4:16 p.m. | 21 minutes ago Description: Twitch Studio version 0.114.8 and prior contain a privilege escalation vulnerability in its privileged helper tool that allo
CVE-2024-14033 - Hirschmann EagleSDV Denial of Service via TLS
CVE ID: CVE-2024-14033 Published: April 2, 2026, 9:16 p.m. | 1 hour, 20 minutes ago Description: Hirschmann Industrial IT products (BAT-R, BAT-F, BAT450-F, BAT867-R, BAT867-F, WLC, BAT Controller Virtual) contain
CVE-2024-14034 - Hirschmann HiEOS Authentication Bypass via HTTP Management Module
CVE ID: CVE-2024-14034 Published: April 2, 2026, 8:16 p.m. | 20 minutes ago Description: Hirschmann HiEOS devices contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthe
CVE-2024-44250 - "Apple macOS Sequoia Privilege Escalation Vulnerability"
CVE ID: CVE-2024-44250 Published: April 2, 2026, 7:18 p.m. | 1 hour, 18 minutes ago Description: A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.1. An app ma
CVE-2024-40489 - Jeecg Boot Remote Code Execution Vulnerability
CVE ID: CVE-2024-40489 Published: April 1, 2026, 5:16 p.m. | 3 hours, 19 minutes ago Description: There is an injection vulnerability in jeecg boot versions 3.0.0 to 3.5.3 due to lax character filtering, which all
CVE-2024-43028 - Jeecg Boot Command Injection Vulnerability
CVE ID: CVE-2024-43028 Published: April 1, 2026, 5:16 p.m. | 3 hours, 19 minutes ago Description: A command injection vulnerability in the component /jmreport/show of jeecg boot v3.0.0 to v3.5.3 allows attackers t
CVE-2026-27018 - Gotenberg: Chromium deny-list bypass via case-insensitive URL scheme
CVE ID: CVE-2026-27018 Published: March 30, 2026, 9:17 p.m. | 1 hour, 19 minutes ago Description: Gotenberg is an API for converting document formats. Prior to version 8.29.0, the fix introduced for CVE-2024-21527
CVE-2024-26230
Currently trending CVE - Hype Score: 1 - Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2024-3094
Currently trending CVE - Hype Score: 1 - Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt