CVE-2024-6354

Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
3 months ago Cisa.gov

Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
3 months ago Cisa.gov

CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
3 weeks ago Tenable.com

The Top 24 Security Predictions for 2024 - Welcome to the second installment of this comprehensive annual look at global cybersecurity industry predictions from the top security industry vendors, technology magazines, expert thought leaders and many more. Last week, in part one of The Top 24 ...
6 months ago Securityboulevard.com

Securing Gold: Assessing Cyber Threats on Paris 2024 - The next Olympic Games hosted in Paris will take place from 26 July to 11 August 2024, while the Paralympic Games will be carried out from 28 August to 8 September 2024. Paris 2024 estimated the number of spectators for the next edition to be 9,7 ...
6 months ago Blog.sekoia.io

CVE-2024-6354 - Improper access control in PAM dashboard in Devolutions Remote Desktop Manager 2024.2.11 and earlier on Windows allows an authenticated user to bypass the execute permission via the use of the PAM dashboard. ...
2 days ago

The Top 24 Security Predictions for 2024 - For 2024, top topics range from upcoming elections to regional wars to space exploration to advances in AI. And with technology playing a more central role in every area of life, annual cybersecurity prediction reports, cyber industry forecasts and ...
6 months ago Securityboulevard.com

Ransomware Attack Demands Reach a Staggering $5.2m in 2024 - The average extortion demand per ransomware attack was over $5.2m in the first half of 2024, according to a new analysis by Comparitech. This figure was calculated from 56 known ransom demands issued by threat actors from January-June 2024. The ...
3 days ago Infosecurity-magazine.com

CVE-2007-6354 - Unspecified vulnerability in exiftags before 1.01 has unknown impact and attack vectors, resulting from a "field offset overflow" that triggers an "illegal memory access," a different vulnerability than CVE-2007-6355. ...
13 years ago

CVE-2007-6355 - Integer overflow in exiftags before 1.01 has unknown impact and attack vectors, resulting from a "field offset overflow" that triggers an "illegal memory access," a different vulnerability than CVE-2007-6354. ...
13 years ago

CVE-2017-5469 - Fixed potential buffer overflows in generated Firefox code due to CVE-2016-6354 issue in Flex. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. ...
5 years ago

CVE-2006-6354 - Multiple SQL injection vulnerabilities in detail.asp in DuWare DuNews allow remote attackers to execute arbitrary SQL commands via the (1) iNews, (2) iType, or (3) Action parameter. NOTE: the iType parameter in type.asp is covered by CVE-2005-3976. ...
5 years ago

CVE-2020-6354 - SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this ...
2 years ago

CVE-2015-6354 - Multiple cross-site scripting (XSS) vulnerabilities in Cisco FireSight Management Center (MC) 5.4.1.3 and 6.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCuv73338. ...
7 years ago

CVE-2008-6354 - The Net Guys ASPired2poll stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing the username and password via a direct request to ASPired2poll.mdb. ...
6 years ago

CVE-2018-6354 - templates/forms/thanks.html in Formspree before 2018-01-23 allows XSS related to the _next parameter. ...
6 years ago

CVE-2018-7654 - On 3CX 15.5.6354.2 devices, the parameter "file" in the request "/api/RecordingList/download?file" allows full access to files on the server via path traversal. ...
6 years ago

CVE-2014-6354 - Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, Internet Explorer 9, Internet Explorer 10, and Internet Explorer 11 allows remote attackers to execute arbitrary code. ...
5 years ago

CVE-2012-6354 - The management GUI on the IBM SAN Volume Controller and Storwize V7000 6.x before 6.4.1.3 allows remote attackers to bypass authentication and obtain superuser access via IP packets. ...
5 years ago

CVE-2018-17622 - This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a ...
3 years ago

CVE-2016-6354 - Heap-based buffer overflow in the yy_get_next_buffer function in Flex before 2.6.1 might allow context-dependent attackers to cause a denial of service or possibly execute arbitrary code via vectors involving num_to_read. ...
8 months ago

CVE-2023-6354 - Tyler Technologies Magistrate Court Case Management Plus allows an unauthenticated, remote attacker to upload, delete, and view files by manipulating the PDFViewer.aspx 'filename' parameter. ...
7 months ago Tenable.com

CVE-2021-47124 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago

Patch Now: Critical Windows Kerberos Bug Bypasses Microsoft Security - Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of which the company identified as being of critical severity. For the second straight month, ...
5 months ago Darkreading.com

Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability - On July 1, 2024, a critical signal handler race condition vulnerability was disclosed in OpenSSH servers on glibc-based Linux systems. Using Palo Alto Networks Xpanse data, we observed 23 million instances of OpenSSH servers including all versions. ...
2 days ago Unit42.paloaltonetworks.com