{"vulnerability": "CVE-2024-1090", "sightings": [{"uuid": "59e7b987-fb25-4186-90e4-23ef60731dd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10900", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113513943971754385", "content": "", "creation_timestamp": "2024-11-20T06:48:47.478175Z"}, {"uuid": "89e24a03-0652-460e-842c-b9a9dbfe88b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10905", "type": "seen", "source": "https://thehackernews.com/2024/12/critical-sailpoint-identityiq.html", "content": "", "creation_timestamp": "2024-12-04T04:08:00.000000Z"}, {"uuid": "b2ffb30f-92b0-4f1e-a0e5-c10b7f26db1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10905", "type": "seen", "source": "https://infosec.exchange/users/edwardk/statuses/113605968390719102", "content": "", "creation_timestamp": "2024-12-06T12:51:48.252063Z"}, {"uuid": "4b63126c-f9ba-470e-b8eb-4176fb5facd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10903", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113717603104403031", "content": "", "creation_timestamp": "2024-12-26T06:01:59.284328Z"}, {"uuid": "39f81a61-dac5-4e2f-9421-7c61bee9a303", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10903", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3le6t4mqgfs22", "content": "", "creation_timestamp": "2024-12-26T06:15:18.856950Z"}, {"uuid": "2ed16ab5-ab26-4591-9927-7ef174a342ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10908", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lgod4lobzj2h", "content": "", "creation_timestamp": "2025-01-26T21:01:57.322372Z"}, {"uuid": "c7e7ffba-ab5e-4dfa-acbb-132d754c17b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10901", "type": "seen", "source": "https://gist.github.com/YLChen-007/0f5d82daccccf9d96159a381cb249b8a", "content": "", "creation_timestamp": "2026-02-18T13:58:32.000000Z"}, {"uuid": "e037c85f-f571-4601-a8f4-dcc8d2aa45d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10901", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmh4mapc2s", "content": "", "creation_timestamp": "2025-03-20T11:40:19.644470Z"}, {"uuid": "523e3ff8-fb69-4886-a798-f4678e6c6a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10902", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmh5bnlv24", "content": "", "creation_timestamp": "2025-03-20T11:40:20.546244Z"}, {"uuid": "00c021c1-e897-4cf8-8a08-18f260884ddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10904", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:46.000000Z"}, {"uuid": "4253703b-6aa8-4a33-8d8c-25a5e80d7946", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10905", "type": "published-proof-of-concept", "source": "https://t.me/crackvaultde/154", "content": "Critical SailPoint IdentityIQ Flaw Exposes Files\n\nA critical vulnerability (CVE-2024-10905) in SailPoint IdentityIQ allows unauthorized file access, affecting versions 8.2 to 8.4, with a CVSS score of 10.  \n\nhttps://thehackernews.com/2024/12/critical-sailpoint-identityiq.html  \n\ncrack-vault.de\n\n#crackvault", "creation_timestamp": "2024-12-04T17:09:56.000000Z"}, {"uuid": "f8c8e127-ae04-4beb-b110-9710abd76ef3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1090", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12896", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1090\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: The ImageRecycle pdf &amp; image compression plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the stopOptimizeAll function in all versions up to, and including, 3.1.13. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify image optimization settings.\n\ud83d\udccf Published: 2024-02-20T18:56:50.676Z\n\ud83d\udccf Modified: 2025-04-22T16:26:52.393Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/f3fae909-5564-4e0a-9114-edd0e45865e5?source=cve\n2. https://plugins.trac.wordpress.org/changeset/3031424/imagerecycle-pdf-image-compression", "creation_timestamp": "2025-04-22T17:03:15.000000Z"}, {"uuid": "2661b941-450d-47aa-87b8-0a7cc031b105", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10905", "type": "seen", "source": "https://t.me/itsec_news/4933", "content": "\u200b\u26a1\ufe0fWindows, QNAP \u0438 ASUS: \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0441\u0430\u043c\u044b\u0445 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0434\u0435\u043b\u0438\n\n\ud83d\udcac \u0412 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0434\u043d\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0438\u0437 \u0440\u0430\u0437\u043d\u044b\u0445 \u043e\u0431\u043b\u0430\u0441\u0442\u0435\u0439 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0437\u043d\u0430\u0447\u0438\u043c\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0443\u0433\u0440\u043e\u0436\u0430\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439. \u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c \u043e\u0431\u0437\u043e\u0440 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0438 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0433\u0440\u043e\u0437.\n\n\u0410\u0442\u0430\u043a\u0430 DaMAgeCard: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0430 SD Express\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Positive Technologies \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0430 \u043c\u0435\u0442\u043e\u0434 \u0430\u0442\u0430\u043a\u0438 DaMAgeCard, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0430 SD Express. \u041d\u043e\u0432\u044b\u0439 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043a\u0430\u0440\u0442\u0430\u043c \u043f\u0430\u043c\u044f\u0442\u0438 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 PCIe/NVMe, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044f \u043f\u0440\u044f\u043c\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0430\u043c\u044f\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430. \u0410\u0442\u0430\u043a\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u043f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u0430\u0440\u0442 \u043f\u0430\u043c\u044f\u0442\u0438 SD Express, \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u043c\u044b\u0445 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c. \u041e\u0434\u043d\u0430\u043a\u043e \u043d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0430 \u043f\u043e\u043a\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432\u0430\u0435\u0442 \u0440\u0438\u0441\u043a\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c NTLM: \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 Windows\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b ACROS \u0432\u044b\u044f\u0432\u0438\u043b\u0438 Zero Day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u0445\u0438\u0449\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 NTLM. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e, \u0447\u0442\u043e\u0431\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u0442\u043a\u0440\u044b\u043b \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0432 \u041f\u0440\u043e\u0432\u043e\u0434\u043d\u0438\u043a\u0435 Windows. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 Windows 7 \u0438 Windows Server 2008. ACROS \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 Microsoft \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043c\u0438\u043a\u0440\u043e\u043f\u0430\u0442\u0447\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f QNAP: \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439\n\u0422\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c QNAP \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432. \u0412 \u0440\u0430\u043c\u043a\u0430\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0447\u0430\u0441\u0442\u044c \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0430 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u043c \u043a\u043e\u043d\u043a\u0443\u0440\u0441\u0435 Pwn2Own. \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c QNAP \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043e\u043a, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043e\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 SailPoint IdentityIQ: \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u0433\u0440\u043e\u0437\u0430 \u0441 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u0431\u0430\u043b\u043b\u043e\u043c\n\u041d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 SailPoint IdentityIQ \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-10905 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 10), \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c\u0443 \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0443 \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0435\u043d.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 IdentityIQ 8.4 (\u0434\u043e 8.4p2), IdentityIQ 8.3 (\u0434\u043e 8.3p5), IdentityIQ 8.2 (\u0434\u043e 8.2p8) \u0438 \u0432\u0441\u0435 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438. SailPoint \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0430\u0436\u0434\u043e\u0439 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0430 \u0431\u0443\u0434\u0443\u0449\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u043a\u0440\u043e\u044e\u0442 \u0434\u0430\u043d\u043d\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 ASUS: \u043d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043e\u043a\nASUS \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u0435\u0440\u0438\u0439 RT-AX55, RT-AX56U, RT-AX57 \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043c\u043e\u0434\u0435\u043b\u0435\u0439. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043f\u0440\u043e\u0448\u0438\u0432\u043e\u043a, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 ASUS.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 TeamCity: 13 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0438 \u043d\u043e\u0432\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438\n\nJetBrains \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043a\u0440\u0443\u043f\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b TeamCity. \u0412 \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b:\n\n\u042d\u043a\u0441\u043f\u0435\u0440\u0438\u043c\u0435\u043d\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0435\u0436\u0438\u043c Kubernetes Executor, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c Kubernetes \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0431\u043e\u0440\u043a\u0430\u043c\u0438.\n\u0423\u043b\u0443\u0447\u0448\u0435\u043d\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0442\u043e\u043a\u0435\u043d\u0430\u043c\u0438 OAuth, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0446\u0435\u043d\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0431\u044b\u0441\u0442\u0440\u043e\u0433\u043e \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u044f \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0442\u043e\u043a\u0435\u043d\u043e\u0432.\n\u041f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 Kotlin-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a \u0434\u043b\u044f \u0443\u043f\u0440\u043e\u0449\u0435\u043d\u0438\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438.\n\u0423\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u0432 AWS-\u0438\u043d\u0442\u0435\u0433\u0440\u0430\u0446\u0438\u0438 \u0438 \u043d\u043e\u0432\u0430\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f Perforce.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432\u0432\u0435\u0434\u0435\u043d\u0430 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043e\u0434\u043e\u0431\u0440\u0435\u043d\u0438\u044f \u0446\u0435\u043b\u043e\u0439 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u0441\u0431\u043e\u0440\u043e\u043a \u0437\u0430 \u043e\u0434\u043d\u043e \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435, \u0447\u0442\u043e \u0443\u043f\u0440\u043e\u0449\u0430\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u044b \u0440\u0435\u043b\u0438\u0437\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 Mongoose: \u0440\u0438\u0441\u043a \u0434\u043b\u044f IoT-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Nozomi Networks \u0432\u044b\u044f\u0432\u0438\u043b\u0438 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Mongoose, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0432 IoT-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 TLS-\u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0445\u0430\u043a\u0435\u0440\u0430\u043c \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0441\u0431\u043e\u0438 \u0438\u043b\u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432. \u0425\u043e\u0442\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0432\u0435\u0440\u0441\u0438\u044e Mongoose 7.15 \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438, \u043c\u043d\u043e\u0433\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 IoT \u0438 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0439 \u0441\u0444\u0435\u0440\u0435, \u043c\u043e\u0433\u0443\u0442 \u0434\u043e\u043b\u0433\u043e \u043e\u0441\u0442\u0430\u0432\u0430\u0442\u044c\u0441\u044f \u0431\u0435\u0437 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0447\u0442\u043e \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0440\u0438\u0441\u043a\u0438.\n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\u0420\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043b\u043e\u0436\u043d\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0438.\n\u041f\u0440\u0438 \u0440\u0430\u0431\u043e\u0442\u0435 \u0441 IoT-\u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 \u0443\u0431\u0435\u0434\u0438\u0442\u044c\u0441\u044f \u0432 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u041f\u041e.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-12-09T20:34:52.000000Z"}, {"uuid": "64f8a367-7ef6-4964-9198-7e430f5ed567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10904", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11319", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10904\n\ud83d\udd25 CVSS Score: 4.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim\u2019s browser.  The privileges required to execute this attack are high, requiring publisher capabilities.  The impact is low to both confidentiality and integrity while having no impact to availability.\n\ud83d\udccf Published: 2025-03-03T19:37:16.214Z\n\ud83d\udccf Modified: 2025-04-10T19:37:32.457Z\n\ud83d\udd17 References:\n1. https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-1-patch/", "creation_timestamp": "2025-04-10T19:49:04.000000Z"}, {"uuid": "3ea08010-d655-4045-91f2-fed720830927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10905", "type": "seen", "source": "https://t.me/cvedetector/11795", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10905 - Juniper Networks IdentityIQ HTTP Directory Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10905 \nPublished : Dec. 2, 2024, 3:15 p.m. | 43\u00a0minutes ago \nDescription : IdentityIQ 8.4 and all 8.4 patch levels prior to 8.4p2, IdentityIQ 8.3 and all 8.3 patch levels prior to 8.3p5, IdentityIQ 8.2 and all 8.2 patch levels prior to 8.2p8, and all prior versions\u00a0allows HTTP access to\u00a0static content in the IdentityIQ application directory that should be protected. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-02T17:05:16.000000Z"}, {"uuid": "935b2d5b-1f77-41cb-aeaf-fee99a844a25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10903", "type": "seen", "source": "https://t.me/cvedetector/13648", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10903 - \"WordPress Broken Link Checker SSRF Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-10903 \nPublished : Dec. 26, 2024, 6:15 a.m. | 40\u00a0minutes ago \nDescription : The Broken Link Checker WordPress plugin before 2.4.2 does not validate a the link URLs before making a request to them, which could allow admin users to perform SSRF attack, for example on a multisite installation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-26T08:12:33.000000Z"}, {"uuid": "46891cbd-4fdd-43d4-864a-e2e6d237a5b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10900", "type": "seen", "source": "https://t.me/cvedetector/11565", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10900 - \"ProfileGrid WordPress Unauthenticated Data Manipulation Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-10900 \nPublished : Nov. 20, 2024, 7:15 a.m. | 24\u00a0minutes ago \nDescription : The ProfileGrid \u2013 User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the pm_remove_file_attachment() function in all versions up to, and including, 5.9.3.6. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary user meta which can do things like deny an administrator's access to their site. . \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T08:43:27.000000Z"}, {"uuid": "8d281603-6f6d-49b9-9a48-988626093bbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10909", "type": "seen", "source": "https://t.me/cvedetector/12197", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10909 - The The Pojo Forms plugin for WordPress is vulnera\", \n  \"Content\": \"CVE ID : CVE-2024-10909 \nPublished : Dec. 6, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : The The Pojo Forms plugin for WordPress is vulnerable to arbitrary shortcode execution via form_preview_shortcode AJAX action in all versions up to, and including, 1.4.7. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes. This was partially fixed in version 1.4.8. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T12:16:21.000000Z"}, {"uuid": "b57ee6b6-e015-429c-8489-7da297dc8b6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10905", "type": "seen", "source": "https://t.me/true_secator/6506", "content": "\u0412 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 SailPoint \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c (IAM) IdentityIQ \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u043c\u0443, \u0445\u0440\u0430\u043d\u044f\u0449\u0435\u043c\u0443\u0441\u044f \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a\u00a0CVE-2024-10905, \u0438\u043c\u0435\u0435\u0442 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 10,0 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 IdentityIQ 8.2, 8.3, 8.4 \u0438 \u0432\u0441\u0435 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 NIST, IdentityIQ \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 HTTP-\u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u043c\u0443 \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0443 \u0432 \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f IdentityIQ, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u0437\u0430\u0449\u0438\u0449\u0435\u043d.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0438\u043c\u0435\u043d \u0444\u0430\u0439\u043b\u043e\u0432, \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b (CWE-66), \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u0438\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432.\n\n\u0412 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0438\u043c\u0435\u0435\u0442\u0441\u044f. \u0421\u0430\u043c\u0430 SailPoint \u0442\u0430\u043a\u0436\u0435 \u043d\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0411\u0443\u0434\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c.", "creation_timestamp": "2024-12-04T17:00:07.000000Z"}, {"uuid": "cf7ea973-d5ef-41a8-8240-f69ecf3fed70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1090", "type": "seen", "source": "https://t.me/ctinow/198280", "content": "https://ift.tt/j0sEqf1\nCVE-2024-1090 | ImageRecycle PDF &amp; Image Compression Plugin up to 3.1.13 on WordPress Setting stopOptimizeAll authorization (ID 3031424)", "creation_timestamp": "2024-03-02T09:06:41.000000Z"}, {"uuid": "4c8e64d8-760c-4c06-8b09-56107915baed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10905", "type": "seen", "source": "https://t.me/thehackernews/5982", "content": "\ud83d\udea8 Alert: A critical vulnerability (CVE-2024-10905) in SailPoint's IdentityIQ software exposes sensitive content.  \n \nCVSS score? A whopping 10.0\u2014maximum severity. \n \nAffected versions span from 8.2 to 8.4 and earlier, putting countless systems at risk. Static files that should be locked down are now vulnerable to unauthorized access. \n \nLearn more: https://thehackernews.com/2024/12/critical-sailpoint-identityiq.html", "creation_timestamp": "2024-12-04T06:54:57.000000Z"}]}