ARTIKEL SUCHE

Threat Feed Query

Durchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.

284 Ergebnisse fuer CVE-2024 Seite 9 von 15

Cisco Identity Services Engine Vulnerability Allows Attackers to Restart ISE Unexpectedly

A critical vulnerability in Cisco Identity Services Engine (ISE) could allow remote attackers to crash the system through a crafted sequence of RADIUS requests. The flaw CVE-2024-20399, lies in how ISE handles repeated a

cybersecuritynews.com • 2025-11-07

CVE-2024-1086

Currently trending CVE - Hype Score: 12 - A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allow

cvemon.intruder.io • 2025-11-02

CISA Warns of Linux Kernel Use-After-Free Vulnerability Exploited in Attacks to Deploy Ransomware

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert about a critical use-after-free vulnerability in the Linux kernel, tracked as CVE-2024-1086. This vulnerability, hidden within t

cybersecuritynews.com • 2025-11-01

Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks

CISA warns ransomware gangs exploit CVE-2024-1086, a Linux kernel flaw in netfilter: nf_tables, introduced in 2014 and patched in Jan 2024. CISA warned that ransomware gangs are exploiting CVE-2024-1086, a high-severity

securityaffairs.com • 2025-10-31

CVE-2024-3495

Currently trending CVE - Hype Score: 21 - The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insuffic

cvemon.intruder.io • 2025-10-24

CVE-2024-4701

Currently trending CVE - Hype Score: 27 - A path traversal issue potentially leading to remote code execution in Genie for all versions prior to 4.3.18

cvemon.intruder.io • 2025-10-17

CVE-2024-23265

Currently trending CVE - Hype Score: 17 - A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, visionOS 1.1, iOS 17

cvemon.intruder.io • 2025-10-09

CVE-2024-3400

Currently trending CVE - Hype Score: 25 - A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and disti

cvemon.intruder.io • 2025-10-02

Hackers Actively Scanning to Exploit Palo Alto Networks PAN-OS Global Protect Vulnerability

Security researchers are observing a significant increase in internet-wide scans targeting the critical PAN-OS GlobalProtect vulnerability (CVE-2024-3400).  Exploit attempts have surged as attackers seek to leverage an a

cybersecuritynews.com • 2025-09-30

Akira Ransomware bypasses MFA on SonicWall VPNs

Akira ransomware is targeting SonicWall SSL VPNs, bypassing OTP MFA on accounts, likely using stolen OTP seeds. Since July 2025, Akira ransomware has exploited SonicWall SSL VPNs, likely using credentials obtained from t

securityaffairs.com • 2025-09-29

SUSE Rancher Vulnerabilities Let Attackers Lockout the Administrators Account

A critical flaw in SUSE Rancher’s user management module allows privileged users to disrupt administrative access by modifying usernames of other accounts.  Tracked as CVE-2024-58260, this vulnerability affects Rancher M

cybersecuritynews.com • 2025-09-29

CVE-2024-38399

Currently trending CVE - Hype Score: 15 - Memory corruption while processing user packets to generate page faults.

cvemon.intruder.io • 2025-09-26

How threat actors breached a U.S. federal civilian agency by exploiting a GeoServer flaw

US CISA revealed that threat actors exploited an unpatched vulnerability in GeoServer to breach a U.S. federal civilian agency’s network. Threat actors breached a U.S. federal agency via unpatched GeoServer flaw, tracked

securityaffairs.com • 2025-09-24

CISA Details That Hackers Gained Access to a U.S. Federal Agency Network Via GeoServer RCE Vulnerability

CISA has released a comprehensive cybersecurity advisory detailing how threat actors successfully compromised a U.S. federal civilian executive branch agency’s network by exploiting CVE-2024-36401, a critical remote code

cybersecuritynews.com • 2025-09-24

CVE-2024-28986

Currently trending CVE - Hype Score: 17 - SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on

cvemon.intruder.io • 2025-09-23

SolarWinds Makes Third Attempt at Patching Exploited Vulnerability

CVE-2025-26399 is a patch bypass of CVE-2024-28988, which is a patch bypass of the exploited CVE-2024-28986. The post SolarWinds Makes Third Attempt at Patching Exploited Vulnerability appeared first on SecurityWeek.

securityweek.com • 2025-09-23

CVE-2024-28988

Currently trending CVE - Hype Score: 14 - SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on

cvemon.intruder.io • 2025-09-23

Hackers Bypassing Windows Mark of the Web Files Using LNK Stomping Attack

A sophisticated attack technique called LNK Stomping has emerged as a critical threat to Windows security, exploiting a fundamental flaw in how the operating system handles shortcut files to bypass security controls.  De

cybersecuritynews.com • 2025-09-22

CVE-2024-35374

Currently trending CVE - Hype Score: 9 - Mocodo Mocodo Online 4.2.6 and below does not properly sanitize the sql_case input field in /web/generate.php, allowing remote attackers to execute arbitrary commands and potentia

cvemon.intruder.io • 2025-09-20

CVE-2024-34102

Currently trending CVE - Hype Score: 9 - Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could r

cvemon.intruder.io • 2025-09-19