SecPod Cyber Bulletin 32nd Issue – SecPod Community

This topic has 0 replies, 1 voice, and was last updated by saanidhyadwivedi.

Viewing 0 reply threads

Author

Posts
- December 9, 2024 at 7:32 am #6254
  saanidhyadwivedi
  Participant
  1. Windows Zero-Days and Firefox Issues
  
  The RomCom group has been exploiting zero-day vulnerabilities (CVE-2024-9680 and CVE-2024-49039) in Windows and Firefox, emphasizing the need for continuous monitoring and timely updates.
  
  CVSS Score: 9.8,8.8
  
  2. Critical Flaw Detected in ProjectSend
  
  A critical vulnerability (CVE-2024-11680) in the ProjectSend open-source file-sharing application has been actively exploited in the wild.
  
  CVSS Score: 9.8
  
  3. Critical QNAP Vulnerability
  
  A critical vulnerability (CVE-2024-48860) in QNAP devices allows attackers to execute remote code, posing significant risks to data security.
  
  CVSS Score: 9.5
  
  4. 7-Zip Vulnerability
  
  A recently discovered vulnerability (CVE-2024-11477) in 7-Zip allows attackers to execute arbitrary code on affected systems.
  
  CVSS Score: 7.8
  
  5. VMware Aria Operations Vulnerabilities
  
  Several vulnerabilities (CVE-2024-38830, CVE-2024-38831 & CVE-2024-38832) in VMware Aria Operations have been reported, which could be exploited by attackers to gain control over affected systems.
  
  CVSS Score: 7.8, 7.8, 7.1
Author

Posts

Viewing 0 reply threads

You must be logged in to reply to this topic.