ARTICLE SEARCH
Threat Feed Query
Search all aggregated security articles by keywords, CVE IDs and sources.
CVE-2024-14036 - Dräger Core 1.0.5 Denial of Service via Malformed SDC Message
CVE ID: CVE-2024-14036 Published: June 2, 2026, 10:16 p.m. | 57 minutes ago Description: Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adja
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of a
[Low] CVE-2024-42206 – HCL iReflection Third party vulnerable and outdated components issue was detecte...
Low CVE-2024-42206 HCL iReflection Third party vulnerable and outdated components issue was detected in the web application CVSS: 3.1 · CWE: N/A
U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Netw
CISA Warns of Two-Year-Old Oracle WebLogic Server Vulnerability Exploited in Attacks
CISA has issued a fresh warning highlighting active exploitation of a critical Oracle WebLogic Server vulnerability, tracked as CVE-2024-21182, adding it to its Known Exploited Vulnerabilities (KEV) catalog on June 1, 20
USN-8367-1: tar-fs vulnerabilities
It was discovered that tar-fs did not properly limit paths when extracting crafted tar files. An attacker could possibly use this issue to write or overwrite files outside the intended extraction directory. This issue on
Oracle WebLogic Vulnerability Exploited in the Wild
The vulnerability is CVE-2024-21182 and it can be exploited without authentication to hack affected WebLogic servers. The post Oracle WebLogic Vulnerability Exploited in the Wild appeared first on SecurityWeek.
CVE-2024-21182
Currently trending CVE - Hype Score: 4 - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exp
[High] CVE-2024-52011 – launch-editor allows users to open files with line numbers in editor from Node.j...
High CVE-2024-52011 launch-editor allows users to open files with line numbers in editor from Node.js. Prior to version 2.9.0, due to the insufficient sanitization of the `file` argument in the `launchEditor`, an attacke
[High] CVE-2024-40646 – Vertex is a management tool for PT (Private Tracker) users to manage streaming a...
High CVE-2024-40646 Vertex is a management tool for PT (Private Tracker) users to manage streaming and watching videos. Versions prior to commit fbde301b97986d5913fc4bc95f5445750d282e11 are vulnerable to path traversal.
CVE-2024-40646 - Vertex Vulnerable to Path Traversal
CVE ID: CVE-2024-40646 Published: June 1, 2026, 3:16 p.m. | 1 hour, 56 minutes ago Description: Vertex is a management tool for PT (Private Tracker) users to manage streaming and watching videos. Versions prior to
CVE-2024-13745
Currently trending CVE - Hype Score: 1
CVE-2024-52577
Currently trending CVE - Hype Score: 4 - In Apache Ignite versions from 2.6.0 and before 2.17.0, configured Class Serialization Filters are ignored for some Ignite endpoints. The vulnerability could be exploited if an at
[Low] CVE-2024-47272 – Incorrect authorization vulnerability in IO Module functionality in Synology Sur...
Low CVE-2024-47272 Incorrect authorization vulnerability in IO Module functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to li
[Medium] CVE-2024-11399 – Files or directories accessible to external parties vulnerability in redis-serve...
Medium CVE-2024-11399 Files or directories accessible to external parties vulnerability in redis-server component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to conduct denial-of-service attack
[Low] CVE-2024-47267 – Improper limitation of a pathname to a restricted directory ('Path Traversal') v...
Low CVE-2024-47267 Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in Archiving Pull functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows re
[Medium] CVE-2024-47268 – Missing authorization vulnerability in AddOns functionality in Synology Surveill...
Medium CVE-2024-47268 Missing authorization vulnerability in AddOns functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator privileges to obta
[Medium] CVE-2024-47269 – Cleartext transmission of sensitive information vulnerability in Export Key func...
Medium CVE-2024-47269 Cleartext transmission of sensitive information vulnerability in Export Key functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with ad
[Low] CVE-2024-47270 – Improper preservation of permissions vulnerability in Archiving Push functionali...
Low CVE-2024-47270 Improper preservation of permissions vulnerability in Archiving Push functionality in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrato
[Medium] CVE-2024-47271 – Insufficiently protected credentials vulnerability in IPSpeaker component in Syn...
Medium CVE-2024-47271 Insufficiently protected credentials vulnerability in IPSpeaker component in Synology Surveillance Station before 9.2.2-11575 and 9.2.2-9575 allows remote authenticated users with administrator priv