CVE-2024-48510

Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

This Cyber News was published on www.tenable.com. Publication date: Thu, 14 Nov 2024 09:11:03 +0000

Cyber News related to CVE-2024-48510

AWS LetsEncrypt Lambda: Custom TLS Provider - DZone - Trying to renew ... INFO[0000] Checking certificate for domain 'hackernoon.referrs.me' with arn 'arn:aws:acm:us-east-2:004867756392:certificate/72f872fd-e577-43f4-ae38-6833962630af' INFO[0000] Certificate status is 'ISSUED' INFO[0000] Certificate in ...
4 months ago Feeds.dzone.com

CISA Releases 7 ICS Advisories Detailing Vulnerabilities & Exploits - This vulnerability, tracked as CVE-2024-48510, has a CVSS v4 score of 9.3. Siemens has released updates for SiPass Integrated and recommends users upgrade to versions V2.90.3.19 or V2.95.3.15 and later. This vulnerability, identified as ...
1 week ago Cybersecuritynews.com CVE-2024-48510 CVE-2025-1265 CVE-2025-0352

CVE-2024-48510 - Directory Traversal vulnerability in DotNetZip v.1.16.0 and before allows a remote attacker to execute arbitrary code via the src/Zip.Shared/ZipEntry.Extract.cs component NOTE: This vulnerability only affects products that are no longer supported by ...
3 months ago Tenable.com

CVE-2022-48510 - Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability will cause unauthorized operations. ...
1 year ago

CVE-2023-48510 - Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript ...
1 year ago Tenable.com

CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
8 months ago Tenable.com

The Top 24 Security Predictions for 2024 - Welcome to the second installment of this comprehensive annual look at global cybersecurity industry predictions from the top security industry vendors, technology magazines, expert thought leaders and many more. Last week, in part one of The Top 24 ...
1 year ago Securityboulevard.com

CVE-2024-9256 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
4 months ago Tenable.com

CVE-2024-9255 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
4 months ago Tenable.com

CVE-2024-9254 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
4 months ago Tenable.com

CVE-2024-9253 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
4 months ago Tenable.com

CVE-2024-9252 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
4 months ago Tenable.com

CVE-2024-9251 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
4 months ago Tenable.com

CVE-2024-9250 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
4 months ago Tenable.com

CVE-2024-9246 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
4 months ago Tenable.com

CVE-2024-9243 - Addressed potential issues where the application could be exposed to a Use-After-Free vulnerability and crash when handling certain checkbox field objects, Doc objects, Annotation objects, or AcroForms, which attackers could exploit to execute remote ...
4 months ago Tenable.com

Securing Gold: Assessing Cyber Threats on Paris 2024 - The next Olympic Games hosted in Paris will take place from 26 July to 11 August 2024, while the Paralympic Games will be carried out from 28 August to 8 September 2024. Paris 2024 estimated the number of spectators for the next edition to be 9,7 ...
1 year ago Blog.sekoia.io

Microsoft Office 2024 now available for Windows and macOS users - As announced earlier in September, starting in Office 2024, Microsoft will also turn off ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps, a measure likely prompted by ActiveX's well-known security issues. Last month, ...
4 months ago Bleepingcomputer.com

Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now! - “Beginning on September 28, @Proofpoint began observing attempts to exploit CVE-2024-45519, a remote code execution vulnerability in Zimbra mail servers. Beginning on September 28, @Proofpoint began observing attempts to exploit CVE-2024-45519, ...
4 months ago Securityaffairs.com CVE-2024-45519

The Top 24 Security Predictions for 2024 - For 2024, top topics range from upcoming elections to regional wars to space exploration to advances in AI. And with technology playing a more central role in every area of life, annual cybersecurity prediction reports, cyber industry forecasts and ...
1 year ago Securityboulevard.com

Ransomware Attack Demands Reach a Staggering $5.2m in 2024 - The average extortion demand per ransomware attack was over $5.2m in the first half of 2024, according to a new analysis by Comparitech. This figure was calculated from 56 known ransom demands issued by threat actors from January-June 2024. The ...
7 months ago Infosecurity-magazine.com 8base LockBit Inc ransom Akira Qilin Medusa

Patch Now: Critical Windows Kerberos Bug Bypasses Microsoft Security - Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of which the company identified as being of critical severity. For the second straight month, ...
1 year ago Darkreading.com CVE-2024-20674 CVE-2024-20700 CVE-2024-21307 CVE-2024-21318 CVE-2023-21310 CVE-2023-36036 CVE-2024-20653 CVE-2024-20698 CVE-2024-20683 CVE-2024-20686

Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability - On July 1, 2024, a critical signal handler race condition vulnerability was disclosed in OpenSSH servers on glibc-based Linux systems. Using Palo Alto Networks Xpanse data, we observed 23 million instances of OpenSSH servers including all versions. ...
7 months ago Unit42.paloaltonetworks.com CVE-2024-6387 CVE-2006-5051 CVE-2008-4109

Latest Cyber News

New GitHub Scam With Thousand of “mods" & "cracks" Steal Your Data - 5 minutes ago
260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users - 24 minutes ago
Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System - 48 minutes ago
18 Best Web Filtering Solutions - 2025 - 1 hour ago
DeepSeek Data Leak - 12,000 Hardcoded Live API keys and Passwords Exposed - 5 hours ago
Vo1d malware botnet grows to 1.6 million Android TVs worldwide - 9 hours ago
New Vo1d botnet variant infects 1.6 million Android TVs worldwide - 9 hours ago
CVE-2025-25730 - 11 hours ago
CVE-2025-25570 - 11 hours ago
CVE-2025-26264 - 11 hours ago
CVE-2025-26325 - 11 hours ago
Privacy tech firms warn France’s encryption and VPN laws threaten privacy - 11 hours ago
CVE-2023-5904 - 12 hours ago
CVE-2023-5903 - 12 hours ago
CVE-2023-5902 - 12 hours ago
CVE-2023-6073 - 12 hours ago
CVE-2023-6039 - 12 hours ago
CVE-2023-4625 - 12 hours ago
CVE-2023-47610 - 12 hours ago
CVE-2023-6076 - 12 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
Kimsuky - 1 year ago
23andMe - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

New GitHub Scam With Thousand of “mods" & "cracks" Steal Your Data - 5 minutes ago
260 Domains Hosting 5,000 Weaponized PDF Files Attacking Users - 24 minutes ago
Wallbleed Exposes Memory Vulnerability in China’s Great Firewall DNS System - 48 minutes ago
18 Best Web Filtering Solutions - 2025 - 1 hour ago
DeepSeek Data Leak - 12,000 Hardcoded Live API keys and Passwords Exposed - 5 hours ago
CVE-2018-9994 - 1 year ago
CVE-2018-9329 - 1 year ago
CVE-2018-9324 - 1 year ago
CVE-2018-9323 - 1 year ago
CVE-2018-9321 - 1 year ago
CVE-2018-9319 - 1 year ago
CVE-2018-9317 - 1 year ago
CVE-2018-9316 - 1 year ago
CVE-2018-9315 - 1 year ago
CVE-2018-9131 - 1 year ago
CVE-2018-9060 - 1 year ago
CVE-2018-8661 - 1 year ago
CVE-2018-8086 - 1 year ago
CVE-2018-7865 - 1 year ago
CVE-2018-7864 - 1 year ago