The Consensus Security Vulnerability Alert

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

April 2024 Microsoft Patch Tuesday Summary

Published: 2024-04-09

Last Updated: 2024-04-09 19:31:25 UTC

by Johannes Ullrich (Version: 1)

This update covers a total of 157 vulnerabilities. Seven of these vulnerabilities are Chromium vulnerabilities affecting Microsoft's Edge browser. However, only three of these vulnerabilities are considered critical. One of the vulnerabilities had already been disclosed and exploited.

Vulnerabilities of Interest:

CVE-2024-26234: This proxy driver spoofing vulnerability has already been exploited and made public before today.

CVE-2024-21322, CVE-2024-21323, CVE-2024-29053: These critical vulnerabilities allow remote code execution in Microsoft Defender for IoT.

The update patches about 40 (sorry, lost exact count) remote code execution vulnerabilities in Microsoft OLE Driver for SQL Server. These vulnerabilities are rated only "important", not "critical". The vulnerability affects clients connecting to malicious SQL servers. The client would be the target, not the server.

The seven important remote code execution vulnerabilities in the DNS Server Service look interesting. To achieve remote code execution, "perfect timing" is required according to Microsoft.

Read the full entry:

https://isc.sans.edu/diary/April+2024+Microsoft+Patch+Tuesday+Summary/30822/

Slicing up DoNex with Binary Ninja

Published: 2024-04-04

Last Updated: 2024-04-04 17:53:02 UTC

by John Moutos (Version: 1)

[This is a guest diary by John Moutos]

Intro

Ever since the LockBit source code leak back in mid-June 2022, it is not surprising that newer ransomware groups have chosen to adopt a large amount of the LockBit code base into their own, given the success and efficiency that LockBit is notorious for. One of the more clear-cut spinoffs from LockBit, is Darkrace, a ransomware group that popped up mid-June 2023, with samples that closely resembled binaries from the leaked LockBit builder, and followed a similar deployment routine. Unfortunately, Darkrace dropped off the radar after the administrators behind the LockBit clone decided to shut down their leak site.

It is unsurprising that, 8 months after the appearance and subsequent disappearance of the Darkrace group, a new group who call themselves DoNex, have appeared in their place, utilizing samples that closely resemble those previously used by the Darkrace group, and LockBit by proxy.

Analysis

Dropping the DoNex sample in "Detect It Easy" (DIE), we can see the binary does not appear to be packed, is 32-bit, and compiled with Microsoft's Visual C/C++ compiler.

https://isc.sans.edu/diary/Slicing+up+DoNex+with+Binary+Ninja/30812/

A Use Case for Adding Threat Hunting to Your Security Operations Team. Detecting Adversaries Abusing Legitimate Tools in A Customer Environment. [Guest Diary] (2024.04.07)

https://isc.sans.edu/diary/A+Use+Case+for+Adding+Threat+Hunting+to+Your+Security+Operations+Team+Detecting+Adversaries+Abusing+Legitimate+Tools+in+A+Customer+Environment+Guest+Diary/30816/

Some things you can learn from SSH traffic (2024.04.03)

https://isc.sans.edu/diary/Some+things+you+can+learn+from+SSH+traffic/30808/

The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

Product: Flowmon Networks FlowmonCVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2389ISC Podcast: https://isc.sans.edu/podcastdetail/8922NVD References: - https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability- https://www.flowmon.comCVE-2024-21894 - Ivanti Connect Secure and Ivanti Policy Secure are vulnerable to a heap overflow flaw that can be exploited by an unauthenticated attacker to crash the service and potential execute arbitrary code.Product: Ivanti Connect SecureCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21894ISC Podcast: https://isc.sans.edu/podcastdetail/8924NVD References: https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_USCVE-2024-22052 - Ivanti Connect Secure and Ivanti Policy Secure are vulnerable to a null pointer dereference flaw which can be exploited by an unauthenticated attacker to conduct a DoS attack.Product: Ivanti Connect SecureCVSS Score: 7.5NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22052ISC Podcast: https://isc.sans.edu/podcastdetail/8924NVD References: https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_USCVE-2024-22053 - Ivanti Connect Secure and Ivanti Policy Secure are susceptible to a heap overflow vulnerability allowing an unauthenticated attacker to crash the service or potentially read memory contents.Product: Ivanti Connect SecureCVSS Score: 8.2NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22053ISC Podcast: https://isc.sans.edu/podcastdetail/8924NVD References: https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_USCVE-2024-29990 - Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege VulnerabilityProduct: Microsoft Azure Kubernetes ServiceCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29990ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29990CVE-2024-29748 - Product X has a logic error that could allow for local privilege escalation without the need for additional execution privileges, but requires user interaction for exploitation.Product: Google AndroidCVSS Score: 7.8** KEV since 2024-04-04 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29748NVD References: https://source.android.com/security/bulletin/pixel/2024-04-01CVE-2024-21322, CVE-2024-21323, CVE-2024-29053 - Microsoft Defender for IoT Remote Code Execution VulnerabilitiesProduct: Microsoft Defender for IoTCVSS Scores: 7.2-8.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21322NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21323NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29053ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21322MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21323MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29053CVE-2024-29745 - The vulnerable product has uninitialized data that may lead to local information disclosure without requiring user interaction.Product: Google AndroidCVSS Score: 5.5** KEV since 2024-04-04 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29745NVD References: https://source.android.com/security/bulletin/pixel/2024-04-01CVE-2024-26234 - Proxy Driver Spoofing VulnerabilityProduct: Microsoft Windows ServerCVSS Score: 6.7NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26234ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26234CVE-2024-30620, CVE-2024-30621 - Tenda AX1803 v1.0.0.1 contains a stack overflow vulnerabilitiesProduct: Tenda Ax1803CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30620NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30621NVD References: https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serviceName_parameter_in_the_function_fromAdvSetMacMtuWan.mdNVD References: https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serverName_parameter_in_the_function_fromAdvSetMacMtuWan.mdCVE-2024-25918 - InstaWP Connect allows code injection through unrestricted upload of dangerous file types, affecting versions from n/a through 0.1.0.8.Product: InstaWP Team InstaWP ConnectCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-202…

Product: Ivanti Connect Secure

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21894

ISC Podcast: https://isc.sans.edu/podcastdetail/8924

NVD References:

CVE-2024-21894-Heap-Overflow-

CVE-2024-22052-Null-Pointer-Dereference-

CVE-2024-22053-Heap-Overflow-and-

CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US" target="_self">https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_USCVE-2024-22052 - Ivanti Connect Secure and Ivanti Policy Secure are vulnerable to a null pointer dereference flaw which can be exploited by an unauthenticated attacker to conduct a DoS attack.Product: Ivanti Connect SecureCVSS Score: 7.5NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22052ISC Podcast: https://isc.sans.edu/podcastdetail/8924NVD References: https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_USCVE-2024-22053 - Ivanti Connect Secure and Ivanti Policy Secure are susceptible to a heap overflow vulnerability allowing an unauthenticated attacker to crash the service or potentially read memory contents.Product: Ivanti Connect SecureCVSS Score: 8.2NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22053ISC Podcast: https://isc.sans.edu/podcastdetail/8924NVD References: https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_USCVE-2024-29990 - Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege VulnerabilityProduct: Microsoft Azure Kubernetes ServiceCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29990ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29990CVE-2024-29748 - Product X has a logic error that could allow for local privilege escalation without the need for additional execution privileges, but requires user interaction for exploitation.Product: Google AndroidCVSS Score: 7.8** KEV since 2024-04-04 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29748NVD References: https://source.android.com/security/bulletin/pixel/2024-04-01CVE-2024-21322, CVE-2024-21323, CVE-2024-29053 - Microsoft Defender for IoT Remote Code Execution VulnerabilitiesProduct: Microsoft Defender for IoTCVSS Scores: 7.2-8.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21322NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21323NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29053ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21322MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21323MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29053CVE-2024-29745 - The vulnerable product has uninitialized data that may lead to local information disclosure without requiring user interaction.Product: Google AndroidCVSS Score: 5.5** KEV since 2024-04-04 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29745NVD References: https://source.android.com/security/bulletin/pixel/2024-04-01CVE-2024-26234 - Proxy Driver Spoofing VulnerabilityProduct: Microsoft Windows ServerCVSS Score: 6.7NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26234ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26234CVE-2024-30620, CVE-2024-30621 - Tenda AX1803 v1.0.0.1 contains a stack overflow vulnerabilitiesProduct: Tenda Ax1803CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30620NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30621NVD References: https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serviceName_parameter_in_the_function_fromAdvSetMacMtuWan.mdNVD References: https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serverName_parameter_in_the_function_fromAdvSetMacMtuWan.mdCVE-2024-25918 - InstaWP Connect allows code injection through unrestricted upload of dangerous file types, affecting versions from n/a through 0.1.0.8.Product: InstaWP Team InstaWP ConnectCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25918NVD References: https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-8-remote-code-execution-vulnerability?_s_id=cveCVE-2024-27951 - Multiple Page Generator Plugin - MPG allows unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server.Product: Themeisle Multiple Page Generator PluginCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27951NVD References: https://patchstack.com/database/vulnerability/multiple-pages-generator-by-por…

CVE-2024-21894-Heap-Overflow-

CVE-2024-22052-Null-Pointer-Dereference-

CVE-2024-22053-Heap-Overflow-and-

CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US" target="_self">https://forums.ivanti.com/s/article/SA-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_USCVE-2024-22052 - Ivanti Connect Secure and Ivanti Policy Secure are vulnerable to a null pointer dereference flaw which can be exploited by an unauthenticated attacker to conduct a DoS attack.Product: Ivanti Connect SecureCVSS Score: 7.5NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22052ISC Podcast: https://isc.sans.edu/podcastdetail/8924NVD References: https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_USCVE-2024-22053 - Ivanti Connect Secure and Ivanti Policy Secure are susceptible to a heap overflow vulnerability allowing an unauthenticated attacker to crash the service or potentially read memory contents.Product: Ivanti Connect SecureCVSS Score: 8.2NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22053ISC Podcast: https://isc.sans.edu/podcastdetail/8924NVD References: https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_USCVE-2024-29990 - Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege VulnerabilityProduct: Microsoft Azure Kubernetes ServiceCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29990ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29990CVE-2024-29748 - Product X has a logic error that could allow for local privilege escalation without the need for additional execution privileges, but requires user interaction for exploitation.Product: Google AndroidCVSS Score: 7.8** KEV since 2024-04-04 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29748NVD References: https://source.android.com/security/bulletin/pixel/2024-04-01CVE-2024-21322, CVE-2024-21323, CVE-2024-29053 - Microsoft Defender for IoT Remote Code Execution VulnerabilitiesProduct: Microsoft Defender for IoTCVSS Scores: 7.2-8.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21322NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21323NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29053ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21322MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21323MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29053CVE-2024-29745 - The vulnerable product has uninitialized data that may lead to local information disclosure without requiring user interaction.Product: Google AndroidCVSS Score: 5.5** KEV since 2024-04-04 **NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29745NVD References: https://source.android.com/security/bulletin/pixel/2024-04-01CVE-2024-26234 - Proxy Driver Spoofing VulnerabilityProduct: Microsoft Windows ServerCVSS Score: 6.7NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26234ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26234CVE-2024-30620, CVE-2024-30621 - Tenda AX1803 v1.0.0.1 contains a stack overflow vulnerabilitiesProduct: Tenda Ax1803CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30620NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30621NVD References: https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serviceName_parameter_in_the_function_fromAdvSetMacMtuWan.mdNVD References: https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serverName_parameter_in_the_function_fromAdvSetMacMtuWan.mdCVE-2024-25918 - InstaWP Connect allows code injection through unrestricted upload of dangerous file types, affecting versions from n/a through 0.1.0.8.Product: InstaWP Team InstaWP ConnectCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25918NVD References: https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-8-remote-code-execution-vulnerability?_s_id=cveCVE-2024-27951 - Multiple Page Generator Plugin - MPG allows unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a web server.Product: Themeisle Multiple Page Generator PluginCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27951NVD References: https://patchstack.com/database/vulnerability/multiple-pages-generator-by-por…

CVE-2024-21894-Heap-Overflow-

CVE-2024-22052-Null-Pointer-Dereference-

CVE-2024-22053-Heap-Overflow-and-

CVE-2024-22052 - Ivanti Connect Secure and Ivanti Policy Secure are vulnerable to a null pointer dereference flaw which can be exploited by an unauthenticated attacker to conduct a DoS attack.

Product: Ivanti Connect Secure

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22052

ISC Podcast: https://isc.sans.edu/podcastdetail/8924

NVD References: https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

CVE-2024-22053 - Ivanti Connect Secure and Ivanti Policy Secure are susceptible to a heap overflow vulnerability allowing an unauthenticated attacker to crash the service or potentially read memory contents.

Product: Ivanti Connect Secure

CVSS Score: 8.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22053

ISC Podcast: https://isc.sans.edu/podcastdetail/8924

NVD References: https://forums.ivanti.com/s/article/New-CVE-2024-21894-Heap-Overflow-CVE-2024-22052-Null-Pointer-Dereference-CVE-2024-22053-Heap-Overflow-and-CVE-2024-22023-XML-entity-expansion-or-XXE-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US

Product: Microsoft Azure Kubernetes Service

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29990

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29990

Product: Google Android

CVSS Score: 7.8

** KEV since 2024-04-04 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29748

NVD References: https://source.android.com/security/bulletin/pixel/2024-04-01

Product: Microsoft Defender for IoT

CVSS Scores: 7.2-8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21322

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21323

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29053

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21322

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21323

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29053

Product: Google Android

CVSS Score: 5.5

** KEV since 2024-04-04 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29745

NVD References: https://source.android.com/security/bulletin/pixel/2024-04-01

Product: Microsoft Windows Server

CVSS Score: 6.7

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26234

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26234

Product: Tenda Ax1803

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30620

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-30621

NVD References: https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serviceName_parameter_in_the_function_fromAdvSetMacMtuWan.md

NVD References: https://github.com/re1wn/IoT_vuln/blob/main/Tenda_AX1803_v1.0.0.1_contains_a_stack_overflow_via_the_serverName_parameter_in_the_function_fromAdvSetMacMtuWan.md

Product: InstaWP Team InstaWP Connect

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25918

NVD References: https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-8-remote-code-execution-vulnerability?_s_id=cve

Product: Themeisle Multiple Page Generator Plugin

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27951

NVD References: https://patchstack.com/database/vulnerability/multiple-pages-generator-by-porthas/wordpress-multiple-page-generator-plugin-3-4-0-remote-code-execution-rce-vulnerability?_s_id=cve

Product: Very Good Plugins WP Fusion Lite

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-27972

NVD References: https://patchstack.com/database/vulnerability/wp-fusion-lite/wordpress-wp-fusion-lite-plugin-3-41-24-remote-code-execution-rce-vulnerability?_s_id=cve

Product: Soflyy Oxygen Builder

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31380

NVD References:

- https://patchstack.com/articles/unpatched-authenticated-rce-in-oxygen-and-breakdance-builder?_s_id=cve

- https://patchstack.com/database/vulnerability/oxygen/wordpress-oxygen-plugin-4-8-1-auth-remote-code-execution-rce-vulnerability?_s_id=cve

- https://snicco.io/vulnerability-disclosure/oxygen/client-control-remote-code-execution-oxygen-4-8-1?_s_id=cve

Product: Soflyy Breakdance

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31390

NVD References:

- https://patchstack.com/articles/unpatched-authenticated-rce-in-oxygen-and-breakdance-builder?_s_id=cve

- https://patchstack.com/database/vulnerability/breakdance/wordpress-breakdance-plugin-1-7-0-authenticated-remote-code-execution-rce-vulnerability?_s_id=cve

- https://snicco.io/vulnerability-disclosure/breakdance/client-mode-remote-code-execution-breakdance-1-7-0?_s_id=cve

Product: VideoWhisper Live Streaming Integration

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-25699

NVD References: https://patchstack.com/database/vulnerability/videowhisper-live-streaming-integration/wordpress-broadcast-live-video-live-streaming-html5-webrtc-hls-rtsp-rtmp-plugin-5-5-15-remote-code-execution-rce?_s_id=cve

Product: SL Cwicly Builder

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-24707

NVD References:

- https://patchstack.com/database/vulnerability/cwicly/wordpress-cwicly-plugin-1-4-0-2-remote-code-execution-rce-vulnerability?_s_id=cve

- https://snicco.io/vulnerability-disclosure/cwicly/remote-code-execution-cwicly-1-4-0-2?_s_id=cve

Product: Canto

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25096

NVD References: https://patchstack.com/database/vulnerability/canto/wordpress-canto-plugin-3-0-6-unauthenticated-remote-code-execution-rce-vulnerability?_s_id=cve

Product: D-Link DNS-320L

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3272

NVD References:

- https://github.com/netsecfish/dlink

- https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10383

- https://vuldb.com/?ctiid.259283

- https://vuldb.com/?id.259283

Product: SiYuan version 3.0.3CVSS Score: 9.6NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2692NVD References: - https://fluidattacks.com/advisories/dezco/- https://github.com/siyuan-note/siyuan/CVE-2023-36645 - SQL injection vulnerability in ITB-GmbH TradePro v9.5, allows remote attackers to run SQL queries via oordershow component in customer function.Product: ITB-GmbH TradeProCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36645NVD References: https://github.com/caffeinated-labs/CVE-2023-36645CVE-2023-3454 - Brocade Fabric OS is vulnerable to remote code execution (RCE) allowing attackers to execute arbitrary code and gain root access to the switch.Product: Brocade Fabric OSCVSS Score: 8.6NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3454ISC Podcast: https://isc.sans.edu/podcastdetail/8928NVD References: https://support.broadcom.com/external/content/SecurityAdvisories/0/23215CVE-2024-25693 - Esri Portal for ArcGIS versions <= 11.2 allows remote authenticated attackers to execute code by exploiting a path traversal vulnerability.Product: Esri Portal for ArcGISCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25693NVD References: https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/CVE-2024-31218 - Webhood is vulnerable to Missing Authentication for Critical Function in versions 0.9.0 and earlier, allowing an unauthenticated attacker to create admin accounts through the database admin API.Product: Pocketbase WebhoodCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31218NVD References: - https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9- https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2CVE-2023-48426 - u-boot bug that allows for u-boot shell and interrupt over UARTProduct: u-bootCVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48426NVD References: https://source.android.com/docs/security/bulletin/chromecast/2023-12-01CVE-2024-22004 - Linux Nonsecure operating system is vulnerable to privilege escalation attacks that can lead to secure memory leakage from Trusted Applications due to a length check vulnerability.Product: Linux Nonsecure operating systemCVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22004NVD References: https://support.google.com/product-documentation/answer/14580222?hl=en&ref_topic=12974021&sjid=10751611047462550096-NACVE-2024-31848 - CData API Server version < 23.4.8844 using embedded Jetty server is vulnerable to path traversal, allowing remote attackers to gain administrative access.Product: CData API ServerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31848NVD References: https://www.tenable.com/security/research/tra-2024-09CVE-2024-31849 - CData Connect Java version < 23.4.8846 running on embedded Jetty server is vulnerable to path traversal, enabling an unauthenticated remote attacker to gain administrative access.Product: CData ConnectCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31849NVD References: https://www.tenable.com/security/research/tra-2024-09CVE-2024-25029 - IBM Personal Communications 14.0.6 through 15.0.1 contains a vulnerability that permits remote code execution and local privilege escalation, enabling an unprivileged user to execute commands with full privileges on a target computer.Product: IBM Personal CommunicationsCVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25029NVD References: - https://exchange.xforce.ibmcloud.com/vulnerabilities/281619- https://www.ibm.com/support/pages/node/7147672CVE-2024-3156, CVE-2024-3158, CVE-2024-3159 - Multiple Vulnerabilities in Chromium: Inappropriate implementation in V8; Use after free in Bookmarks; Out of bounds memory access in V8Product: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3156NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3158NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3159ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-3156MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-3158MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-3159NVD References: https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.htmlNVD References: https://issues.chromium.org/issues/329130358NVD References: https://issues.chromium.org/issues/329965696NVD References: https://issues.chromium.org/issues/330760873CVE-2024-31280 - Andy Moyle Church Admin is vulnerable to an unrestricted upload of file with dangerous type flaw from versions n/a through 4.1.5.Product: Andy Moyle Church AdminCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31280NVD References: https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-4-1-5-arbitrary-file-upload-vulnerability?_s_id=cveCVE-2024-31286 - WP Photo A…

Product: Brocade Fabric OS

CVSS Score: 8.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3454

ISC Podcast: https://isc.sans.edu/podcastdetail/8928

NVD References: https://support.broadcom.com/external/content/SecurityAdvisories/0/23215

Product: Esri Portal for ArcGIS

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25693

NVD References: https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/portal-for-arcgis-security-2024-update-2/

Product: Pocketbase Webhood

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31218

NVD References:

- https://github.com/webhood-io/webhood/commit/735e7fa2814edeec9a2c07778ed51b3c018609f9

- https://github.com/webhood-io/webhood/security/advisories/GHSA-h533-rxhm-73j2

Product: u-boot

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48426

NVD References: https://source.android.com/docs/security/bulletin/chromecast/2023-12-01

Product: Linux Nonsecure operating system

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-22004

NVD References: https://support.google.com/product-documentation/answer/14580222?hl=en&ref_topic=12974021&sjid=10751611047462550096-NA

Product: CData API Server

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31848

NVD References: https://www.tenable.com/security/research/tra-2024-09

Product: CData Connect

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31849

NVD References: https://www.tenable.com/security/research/tra-2024-09

Product: IBM Personal Communications

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-25029

NVD References:

- https://exchange.xforce.ibmcloud.com/vulnerabilities/281619

- https://www.ibm.com/support/pages/node/7147672

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3156

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3158

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3159

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-3156

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-3158

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-3159

NVD References: https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html

NVD References: https://issues.chromium.org/issues/329130358

NVD References: https://issues.chromium.org/issues/329965696

NVD References: https://issues.chromium.org/issues/330760873

Product: Andy Moyle Church Admin

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31280

NVD References: https://patchstack.com/database/vulnerability/church-admin/wordpress-church-admin-plugin-4-1-5-arbitrary-file-upload-vulnerability?_s_id=cve

Product: J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31286

NVD References: https://patchstack.com/database/vulnerability/wp-photo-album-plus/wordpress-wp-photo-album-plus-plugin-8-6-03-005-arbitrary-file-upload-vulnerability?_s_id=cve

Product: Sukhchain Singh Auto Poster

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31345

NVD References: https://patchstack.com/database/vulnerability/auto-poster/wordpress-auto-poster-plugin-1-2-arbitrary-file-upload-vulnerability?_s_id=cve

Product: GPT Academic gpt_academic

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-31224

NVD References:

- https://github.com/binary-husky/gpt_academic/commit/8af6c0cab6d96f5c4520bec85b24802e6e823f35

- https://github.com/binary-husky/gpt_academic/pull/1648

- https://github.com/binary-husky/gpt_academic/security/advisories/GHSA-jcjc-89wr-vv7g

Product: Philips Hue Smart Bridge

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-1083

NVD References: https://cert.vde.com/en/advisories/VDE-2024-009

Product: LG webOS

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6318

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6319

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6320

NVD References: https://bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/

Product: Fortinet FortiClientLinux

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-45590

NVD References: https://fortiguard.com/psirt/FG-IR-23-087

Product: Microsoft Outlook

CVSS Score: 8.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20670

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20670

Product: Microsoft Windows Operating System

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20678

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20678

Product: Microsoft Windows

CVSS Scores: 6.3-8.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20669

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20688

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20689

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26168

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26171

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26175

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26180

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26189

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26194

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26240

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26250

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28896

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28897

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28898

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28903

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28919

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28920

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28921

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28922

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28923

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28924

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28925

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29061

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29062

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20669

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20688

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20689

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26168

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26171

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26175

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26180

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26189

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26194

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26240

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26250

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28896

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28897

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28898

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28903

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28919

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28920

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28921

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28922

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28923

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28924

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28925

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29061

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29062

Product: Microsoft Windows Kernel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-20693

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26218

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20693

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26218

Product: Microsoft Defender for IoT

CVSS Score: 7.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21324

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29054

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29055

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21324

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29054

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29055

Product: Microsoft .NET Framework and Visual Studio

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21409

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21409

Product: Microsoft Windows

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-21447

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21447

Product: Microsoft Install Service

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26158

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26158

Product: Microsoft DHCP Server Service

CVSS Score: 7.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26195

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26202

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26212

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26215

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26195

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26202

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26212

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26215

Product: Microsoft Windows Routing and Remote Access Service (RRAS)

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26179

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26200

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26205

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26179

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26200

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26205

Product: Microsoft Message Queuing (MSMQ)

CVSS Scores: 7.2 & 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26208

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26232

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26208

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26232

Product: Microsoft Windows Remote Access Connection Manager

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26211

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26211

Product: Microsoft WDAC OLE DB Provider

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26210

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26244

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26210

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26244

Product: Microsoft SQL Server ODBC Driver

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26214

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26214

Product: Microsoft Windows File Server

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26216

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26216

Product: Microsoft HTTP.sys

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26219

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26219

Product: Microsoft Windows DNS Server

CVSS Scores: 7.2 - 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26221

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26222

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26223

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26224

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26227

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26228

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26229

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26230

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26231

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26233

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26221

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26222

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26223

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26224

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26227

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26228

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26229

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26230

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26231

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26233

Product: Microsoft Windows Update Stack

CVSS Scores: 7.0 - 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26235

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26236

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26235

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26236

Product: Microsoft Windows Defender

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26237

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26237

Product: Microsoft Windows Telephony Server

CVSS Scores: 7.0 - 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26239

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26242

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26239

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26242

Product: Microsoft Win32k

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26241

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26241

Product: Windows USB Print Driver

CVSS Score: 7.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26243

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26243

Product: Microsoft Windows SMB

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26245

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26245

Product: Microsoft Windows Kerberos

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26248

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26248

Product: Microsoft Virtual Machine Bus (VMBus)

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26254

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26254

Product: libarchive

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26256

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26256

Product: Microsoft Excel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26257

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26257

Product: Microsoft Brokering File System

CVSS Scores: 7.0 - 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-26213

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28904

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28905

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28907

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26213

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28904

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28905

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28907

Product: Microsoft OLE DB Driver for SQL ServerCVSS Score: 7.5 - 8.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28906NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28908NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28909NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28910NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28911NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28912NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28913NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28914NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28915NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28926NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28927NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28939NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28940NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28942NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28944NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28945NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29044NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29045NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29046NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29047NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29048NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29982NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29983NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29984NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29985ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28906MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28908MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28909MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28910MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28911MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28912MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28913MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28914MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28915MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28926MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28927MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28939MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28940MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28942MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28944MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28945MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29044MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29045MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29046MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29047MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29048MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29982MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29983MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29984MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29985CVE-2024-28929 through CVE-2024-28938, CVE-2024-28941, CVE-2024-28943, CVE-2024-29043 - Microsoft ODBC Driver for SQL Server Remote Code Execution VulnerabilityProduct: Microsoft ODBC Driver for SQL ServerCVSS Score: 8.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28929NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28930NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28931NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28932NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28933NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28934NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28935NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28936NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28937NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28938NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28941NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-28943NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29043ISC Diary: https://isc.sans.edu/diary/30822MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28929MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28930MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28931MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28932MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28933MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28934MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28935MSFT Details: https://msr…

Product: Microsoft Windows Cryptographic Services

CVSS Score: 8.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29050

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29050

Product: Microsoft Windows Storage

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29052

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29052

Product: Azure AI Search

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29063

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29063

Product: Microsoft Windows Distributed File System (DFS)

CVSS Score: 7.2

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29066

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29066

Product: Microsoft SmartScreen Prompt

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29988

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29988

Product: Microsoft Azure Monitor Agent

CVSS Score: 8.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29989

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29989

Product: Microsoft Azure CycleCloud

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-29993

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29993

Product: Rust

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-24576

NVD References:

- https://doc.rust-lang.org/std/io/enum.ErrorKind.html#variant.InvalidInput

- https://doc.rust-lang.org/std/os/windows/process/trait.CommandExt.html#tymethod.raw_arg

- https://doc.rust-lang.org/std/process/struct.Command.html

- https://doc.rust-lang.org/std/process/struct.Command.html#method.arg

- https://doc.rust-lang.org/std/process/struct.Command.html#method.args

- https://github.com/rust-lang/rust/issues

- https://github.com/rust-lang/rust/security/advisories/GHSA-q455-m56c-85mh

- https://www.rust-lang.org/policies/security

Product: WordPress Simple Job Board plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-1813

NVD References:

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3051715%40simple-job-board&old=3038476%40simple-job-board&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/89584034-4a93-42a6-8fef-55dc3895c45c?source=cve

Product: WordPress Network Summary plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2804

NVD References:

- https://plugins.trac.wordpress.org/browser/network-summary/trunk/includes/class-network-summary.php#L225

- https://www.wordfence.com/threat-intel/vulnerabilities/id/3320c182-b1f9-4e06-92ea-0fa670557dd0?source=cve

Product: MasterStudy LMS plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3136

NVD References:

- https://plugins.trac.wordpress.org/changeset/3064337/masterstudy-lms-learning-management-system/trunk/_core/lms/classes/helpers.php

- https://plugins.trac.wordpress.org/changeset/3064337/masterstudy-lms-learning-management-system/trunk/_core/lms/classes/templates.php

- https://www.wordfence.com/threat-intel/vulnerabilities/id/9a573740-cdfe-4b58-b33b-5e50bcbc4779?source=cve

Product: sngrep

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3119

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-3120

NVD References:

- https://github.com/irontec/sngrep/pull/480/commits/73c15c82d14c69df311e05fa75da734faafd365f

- https://github.com/irontec/sngrep/pull/480/commits/f229a5d31b0be6a6cc3ab4cd9bfa4a1b5c5714c6

- https://github.com/irontec/sngrep/releases/tag/v1.8.1

- https://pentraze.com/vulnerability-reports/

CVE-2019-3816 & CVE-2019-3833 - -- no description --

Product: OpenWSMAN, versions up to and including 2.6.9

OpenSUSE Leap 42.3

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2019-3816

NVD: https://nvd.nist.gov/vuln/detail/CVE-2019-3833

ISC Diary: https://isc.sans.edu/diary/30822

NVD References:

- https://bugzilla.suse.com/show_bug.cgi?id=1122623

CVE-2024-23593 - Lenovo: CVE-2024-23593 Zero Out Boot Manager and drop to UEFI Shell

Product: Lenovo Zero Out Boot Manager

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23593

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-23593

CVE-2024-23594 - Lenovo: CVE-2024-23594 Stack buffer overflow in Lenovo system recovery boot manager

Product: Lenovo System Recovery Boot Manager

CVSS Score: 6.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23594

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-23594

The following vulnerability need a manual review:

CVE-2024-2201 - A critical flaw in Netentsec NS-ASG Application Security Gateway 6.3 can lead to an SQL injection vulnerability

Product: Netentsec NS-ASG Application Security Gateway 6.3

CVSS Score: N/A

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2021

NVD References:

- https://github.com/dtxharry/cve/blob/main/cve.md

- https://vuldb.com/?id.255300

Product: Lenovo Zero Out Boot Manager

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23593

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-23593

Product: Lenovo System Recovery Boot Manager

CVSS Score: 6.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-23594

ISC Diary: https://isc.sans.edu/diary/30822

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-23594

The following vulnerability need a manual review:

Product: Netentsec NS-ASG Application Security Gateway 6.3

CVSS Score: N/A

NVD: https://nvd.nist.gov/vuln/detail/CVE-2024-2021

NVD References:

- https://github.com/dtxharry/cve/blob/main/cve.md

- https://vuldb.com/?id.255300