Feed: https://cve.circl.lu/comments/feed
Title: Most recent comment.
Updated: 2024-12-12T00:38:06.448490+00:00
Author: Vulnerability Lookup (info@circl.lu)
Generator: python-feedgen
Subtitle: Contains only the 10 most recent comments.

Entry: https://cve.circl.lu/comment/65dab379-0829-483c-b7ec-7176fcaec354
Title: Chrome release - Stable Channel Update for Desktop
Updated: 2024-12-12T00:38:06.460804+00:00
Author: Alexandre Dulaunoy (http://cve.circl.lu/user/adulau)

- [Chrome release - Stable Channel Update for Desktop](https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html)

High CVE-2024-10827: Use after free in Serial. Reported by Anonymous on 2024-10-23

Published: 2024-11-06T09:34:53.961210+00:00

Entry: https://cve.circl.lu/comment/c1a30f74-0435-4ac7-a977-50ef00fdffe0
Title: Chrome - Stable Channel Update for Desktop
Updated: 2024-12-12T00:38:06.460692+00:00
Author: Alexandre Dulaunoy (http://cve.circl.lu/user/adulau)

- [Stable Channel Update for Desktop](https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html)

CVE-2024-10826: Use after free in Family Experiences. Reported by Anonymous on 2024-09-29

Published: 2024-11-06T09:47:00.820445+00:00

Entry: https://cve.circl.lu/comment/3f11fc07-94c7-4c49-b71c-caff6266b8b2
Title: Zyxel IKE Packet Decoder Unauthenticated Remote Code Execution (still exploited)
Updated: 2024-12-12T00:38:06.460576+00:00
Author: Alexandre Dulaunoy (http://cve.circl.lu/user/adulau)

- https://packetstormsecurity.com/files/172820/Zyxel-IKE-Packet-Decoder-Unauthenticated-Remote-Code-Execution.html

We still see exploitation of that vulnerability in a black-hole network.

Published: 2024-11-06T15:21:53.583555+00:00

Entry: https://cve.circl.lu/comment/59dce60f-7719-44c7-9f8b-5ef37763c997
Title: Proof of concept for CVE-2024-37383
Updated: 2024-12-12T00:38:06.460449+00:00
Author: Alexandre Dulaunoy (http://cve.circl.lu/user/adulau)

- [https://github.com/bartfroklage/CVE-2024-37383-POC](https://github.com/bartfroklage/CVE-2024-37383-POC)

Published: 2024-11-07T17:02:33.331102+00:00

Entry: https://cve.circl.lu/comment/a57c1b41-602a-4340-b6bf-c7e95751f645
Title: Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
Updated: 2024-12-12T00:38:06.460326+00:00
Author: Cédric Bonhomme (http://cve.circl.lu/user/cedric)

> « Nov 05, 2024 Ravie Lakshmanan, Mobile Security / Vulnerability
Vulnerability in Android System
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to "Android/data," "Android/obb," and "Android/sandbox" directories, and their respective sub-directories, according to a code commit message.»

[Android Security Bulletin November 2024](https://source.android.com/docs/security/bulletin/2024-11-01)

Published: 2024-11-08T08:49:29.657124+00:00

Entry: https://cve.circl.lu/comment/9579afd1-e7a6-4754-8574-5acaed28e11d
Title: Rapid7 analysis of CVE-2024-47575
Updated: 2024-12-12T00:38:06.460194+00:00
Author: Alexandre Dulaunoy (http://cve.circl.lu/user/adulau)

- [Rapid7 Analysis of CVE-2024-47575](https://attackerkb.com/topics/OFBGprmpIE/cve-2024-47575/rapid7-analysis#rapid7-analysis)

Published: 2024-11-14T08:13:33.806989+00:00

Entry: https://cve.circl.lu/comment/cb0ad24f-1243-4f18-9607-95a5717fb451
Title: Critical Laravel Flaw (CVE-2024-52301) Exposes Millions of Web Applications to Attack
Updated: 2024-12-12T00:38:06.460050+00:00
Author: Alexandre Dulaunoy (http://cve.circl.lu/user/adulau)

- [Critical security vulnerability in Laravel Framework - updates available](https://www.cert.at/de/warnungen/2024/11/kritische-sicherheitslucke-in-laravel-framework-updates-verfugbar)
- [Critical Laravel Flaw (CVE-2024-52301) Exposes Millions of Web Applications to Attack](https://securityonline.info/critical-laravel-flaw-cve-2024-52301-exposes-millions-of-web-applications-to-attack/)

Published: 2024-11-18T07:05:28.583042+00:00

Entry: https://cve.circl.lu/comment/a306876b-06cc-486b-988e-78087547fd22
Title: CVE-2024-36401 GeoServer Remote Code Execution
Updated: 2024-12-12T00:38:06.459852+00:00
Author: Alexandre Dulaunoy (http://cve.circl.lu/user/adulau)

- CVE-2024-36401 GeoServer Remote Code Execution - https://github.com/0x0d3ad/CVE-2024-36401

Published: 2024-11-28T21:52:40.484680+00:00

Entry: https://cve.circl.lu/comment/92cdf9dd-1009-427b-8181-b444dc288f89
Title: INCIDENT: Threat Actors Currently Mass-Exploiting Cleo Servers (0-day-ish) 👾 (source reddit)
Updated: 2024-12-12T00:38:06.457893+00:00
Author: Alexandre Dulaunoy (http://cve.circl.lu/user/adulau)

- [INCIDENT: Threat Actors Currently Mass-Exploiting Cleo Servers (0-day-ish) 👾](https://www.reddit.com/r/sysadmin/comments/1haqguq/incident_threat_actors_currently_massexploiting/?rdt=59586)
https://www.huntress.com/blog/threat-advisory-oh-no-cleo-cleo-software-actively-being-exploited-in-the-wild
On December 3, Huntress identified an emerging threat involving Cleo’s LexiCom, VLTransfer, and Harmony software, commonly used to manage file transfers. We’ve directly observed evidence of threat actors exploiting this software en masse and performing post-exploitation activity. Although Cleo published an update and advisory for CVE-2024-50623—which allows unauthenticated remote code execution—Huntress security researchers have recreated the proof of concept and learned the patch does not mitigate the software flaw.
TL;DR - This vulnerability is being actively exploited in the wild and fully patched systems running 5.8.0.21 are still exploitable. We strongly recommend you move any internet-exposed Cleo systems behind a firewall until a new patch is released.

Published: 2024-12-10T07:57:07.099373+00:00

Entry: https://cve.circl.lu/comment/36846c73-0c66-4bdf-b5f9-3a3b65823062
Title: netrc and redirect credential leak
Updated: 2024-12-12T00:38:06.453974+00:00
Author: Cédric Bonhomme (http://cve.circl.lu/user/cedric)

When asked to both use a .netrc file for credentials and to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances.
This flaw only manifests itself if the netrc file has an entry that matches the redirect target hostname but the entry either omits just the password or omits both login and password.
### Info
> "A curl transfer with a.tld that redirects to b.tld that uses a .netrc like below (with a match, but no password specified for the second host), would make curl pass on alicespassword as password even in the second transfer to the separate host b.tld.
>
> machine a.tld
> login alice
> password alicespassword
> default
> login bob
>
> This bug is not considered a C mistake. It is not likely to have been avoided had we not been using C.
>
> This flaw also affects the curl command line tool.
>
> The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2024-11053 to this issue.
>
> CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
>
> Severity: Low"

Published: 2024-12-11T09:52:06.061616+00:00