{"vulnerability": "CVE-2024-3810", "sightings": [{"uuid": "c1234f8d-7f51-4ed6-b4f9-483e6e5dbbf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38107", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review", "content": "", "creation_timestamp": "2024-08-13T18:05:01.000000Z"}, {"uuid": "188d2376-ab77-4a9a-9592-4214bc835b23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review", "content": "", "creation_timestamp": "2024-08-13T18:05:01.000000Z"}, {"uuid": "6ef223ff-ab05-497b-a559-2bfb6e052353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38108", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review", "content": "", "creation_timestamp": "2024-08-13T18:05:01.000000Z"}, {"uuid": "7f59e73f-ee74-498b-ae52-935029b83c15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38109", "type": "seen", "source": "https://www.thezdi.com/blog/2024/8/13/the-august-2024-security-update-review", "content": "", "creation_timestamp": "2024-08-13T18:05:01.000000Z"}, {"uuid": "f4c552cf-b6ef-470d-8508-07bb5df4d4e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-08-13T21:10:02.000000Z"}, {"uuid": "aa5c7ca1-63a8-4a2d-bf5d-3431823b5477", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38107", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-08-13T21:10:03.000000Z"}, {"uuid": "b6e27451-f945-4846-b7b5-39e9a8d917b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-38107", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1352", "content": "", "creation_timestamp": "2024-08-14T04:00:00.000000Z"}, {"uuid": "a6fa87af-e322-4fea-b739-f12e5700524f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "seen", "source": "https://bsky.app/profile/keesnk.bsky.social/post/3lgfemhr2q22u", "content": "", "creation_timestamp": "2025-01-23T07:34:47.045677Z"}, {"uuid": "4164a8f0-b416-4a9d-aa22-1c6ad188cf7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lgezdf735k2l", "content": "", "creation_timestamp": "2025-01-23T04:12:57.574247Z"}, {"uuid": "1b9271b5-c6bb-4090-8521-a44dd6e20604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lgezdfcsmv2k", "content": "", "creation_timestamp": "2025-01-23T04:12:58.095522Z"}, {"uuid": "940dbd8e-ef2c-4ad6-b03b-2217cb84c0d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:57.000000Z"}, {"uuid": "3557df64-ae55-494d-a47e-912bffce21d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38107", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:57.000000Z"}, {"uuid": "f7036b94-415c-4aab-9d49-d69a71d6cdcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-38106", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1352", "content": "", "creation_timestamp": "2024-08-14T04:00:00.000000Z"}, {"uuid": "f7e51225-992a-463a-9c05-941deba90567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-9d1c9d9f-675cdbc3d8f48478", "content": "", "creation_timestamp": "2025-03-01T00:19:16.600247Z"}, {"uuid": "9468a81d-daf2-48b8-8cd3-eec4b1486fed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lj6s25q2mz2s", "content": "", "creation_timestamp": "2025-02-27T21:02:05.417355Z"}, {"uuid": "c80908db-19a6-4f52-8158-7292f41996ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38105", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14637", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38105\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability\n\ud83d\udccf Published: 2024-07-09T17:03:26.487Z\n\ud83d\udccf Modified: 2025-05-02T23:47:15.808Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38105", "creation_timestamp": "2025-05-03T00:16:54.000000Z"}, {"uuid": "068ec5bf-57e9-46a4-9e24-57e5c4ffcb43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-38106", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8e3211ea-4fa2-4020-80f2-d75ba50f290c", "content": "", "creation_timestamp": "2026-02-02T12:26:31.682081Z"}, {"uuid": "a0e57cb5-33bc-4b44-be2b-91545cc6b51c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-38107", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/adaca0de-1db8-4424-a507-5a9756c2b772", "content": "", "creation_timestamp": "2026-02-02T12:26:31.572768Z"}, {"uuid": "087ea671-7e46-4239-bf37-65f772052947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8188", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-38100 Windows Leaked Wallpaper Escelation to RCE vulnerability\nURL\uff1ahttps://github.com/Florian-Hoth/CVE-2024-38100-RCE-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-06T18:28:13.000000Z"}, {"uuid": "1c25ace3-cbfe-4046-b1e8-fdd786a60810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/196", "content": "Leaked Wallpaper\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\nhttps://github.com/MzHmO/LeakedWallpaper", "creation_timestamp": "2024-09-11T12:19:46.000000Z"}, {"uuid": "2058303b-090d-40da-a711-10fd6bd51fb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38109", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11967", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38109\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in Microsoft Azure Health Bot to elevate privileges over a network.\n\ud83d\udccf Published: 2024-08-13T17:30:40.975Z\n\ud83d\udccf Modified: 2025-04-15T23:45:17.927Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38109", "creation_timestamp": "2025-04-15T23:55:52.000000Z"}, {"uuid": "10df2df3-09b9-4560-a56b-bc32e284118b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38101", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14638", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38101\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability\n\ud83d\udccf Published: 2024-07-09T17:03:25.920Z\n\ud83d\udccf Modified: 2025-05-02T23:47:15.338Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38101", "creation_timestamp": "2025-05-03T00:16:56.000000Z"}, {"uuid": "71f2d912-5c79-4f60-a1f7-740b23704d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38103", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14634", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-38103\n\ud83d\udd25 CVSS Score: 5.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C)\n\ud83d\udd39 Description: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability\n\ud83d\udccf Published: 2024-07-25T21:33:26.843Z\n\ud83d\udccf Modified: 2025-05-02T23:47:17.395Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38103", "creation_timestamp": "2025-05-03T00:16:48.000000Z"}, {"uuid": "0360327a-c017-4348-bebf-f17cbc7fe782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38105", "type": "seen", "source": "https://t.me/cvedetector/392", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38105 - Windows Layer-2 Bridge Network Driver Denial of Se\", \n  \"Content\": \"CVE ID : CVE-2024-38105 \nPublished : July 9, 2024, 5:15 p.m. | 27\u00a0minutes ago \nDescription : Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T19:48:28.000000Z"}, {"uuid": "1de01eba-f49d-4f57-b3e9-be2cf19843f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "seen", "source": "https://t.me/kasperskyb2b/1373", "content": "\ud83d\udea8 \u0428\u0435\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 0day \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0441\u044e\u0440\u043f\u0440\u0438\u0437\u044b \u0430\u0432\u0433\u0443\u0441\u0442\u043e\u0432\u0441\u043a\u043e\u0433\u043e patch tuesday\n\n\u0410\u0441\u0442\u0440\u043e\u043b\u043e\u0433\u0438 \u043e\u0431\u044a\u044f\u0432\u043b\u044f\u044e\u0442 \u043d\u0435\u0434\u0435\u043b\u044e \u043f\u0430\u0442\u0447\u0438\u043d\u0433\u0430 \u2014 \u043a\u0440\u043e\u043c\u0435 \u043f\u0430\u043a\u0435\u0442\u0430 \u0432\u0430\u0436\u043d\u044b\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u043e\u0442 Microsoft, \u0431\u043e\u043b\u044c\u0448\u0438\u043c \u0431\u0443\u043a\u0435\u0442\u043e\u043c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0440\u0430\u0437\u0440\u0430\u0437\u0438\u043b\u0438\u0441\u044c Adobe \u0438 SAP.\n\nMicrosoft \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 86 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u043d\u043e \u0432\u043d\u0435\u043f\u043b\u0430\u043d\u043e\u0432\u044b\u0445 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0441 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e patch tuesday \u0431\u044b\u043b\u043e \u043c\u043d\u043e\u0433\u043e, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u0441\u0435\u0433\u043e \u0441 \u0438\u044e\u043b\u044f \u043d\u0430\u0431\u0435\u0436\u0430\u043b\u043e \u0430\u0436 130 CVE.\n\n\u041e\u0434\u0438\u043d 0day \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 \u0432 \u0438\u044e\u043d\u0435, \u043d\u043e \u0437\u0430\u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043d\u0435\u0433\u043e \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044c. \ud83e\udd26\u200d\u2642\ufe0f\n\u042d\u0442\u043e CVE-2024-38213, \u043e\u0431\u0445\u043e\u0434 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0439 SmartScreen, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0441 \u043c\u0430\u0440\u0442\u0430.\n\n\u0414\u0440\u0443\u0433\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b: \n\n\ud83d\udfe3 CVE-2024-38178, RCE \u0432 scripting engine, \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u0441\u0441\u044b\u043b\u043a\u0430 \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u043e\u0442\u043a\u0440\u044b\u0442\u0430 \u0432 Internet Explorer mode;\n\ud83d\udfe3 CVE-2024-38193, EoP \u0447\u0435\u0440\u0435\u0437 AFD for Winsock;\n\ud83d\udfe3 CVE-2024-38106 \u0438 -38107, EoP \u0434\u043e system \u0447\u0435\u0440\u0435\u0437 \u044f\u0434\u0440\u043e Windows \u0438 power dependency coordinator \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e;\n\ud83d\udfe3 RCE \u0432 MS Project CVE-2024-38189.\n\n\ud83d\udd50 \u0415\u0449\u0451 \u0447\u0435\u0442\u044b\u0440\u0435 0day \u043e\u0442\u043d\u043e\u0441\u044f\u0442\u0441\u044f \u043a \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u043c, \u043d\u043e \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u043c \u2014 \u044d\u0442\u043e \u0434\u0435\u0444\u0435\u043a\u0442\u044b, \u043e\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0435 \u0432 \u0430\u0442\u0430\u043a\u0435 Windows Downdate, RCE \u0432 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0435\u043c Line Printer Daemon  \u0438 \u0434\u0435\u0444\u0435\u043a\u0442 MS Office, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0438\u0439 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0445\u044d\u0448\u0435\u0439 NTLM.\n\n \u0412\u0441\u0435\u0433\u043e \u0438\u0437 86 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432, \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 patch tuesday, 7 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0440\u0430\u043d\u0433 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445, 64 \u2014 \u0432\u044b\u0441\u043e\u043a\u043e\u0439, 15 \u2014 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438. 35 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, 28 \u2014 RCE, 6 \u2014 DoS, 4 \u2014 \u043e\u0431\u0445\u043e\u0434\u0443 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 7 \u2014 \u0443\u0442\u0435\u0447\u043a\u0430\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n\n\u27a1\ufe0f\n\nAdobe \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432.\n\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0432 Acrobat Reader \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 12 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432, \u0438\u0437 \u043d\u0438\u0445 8 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445. \u0421\u0443\u0434\u044f \u043f\u043e \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u043c \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u043d\u043e\u0441\u0442\u044f\u043c \u0432 \u0441\u0442\u043e\u0440\u043e\u043d\u0443 Cisco Talos \u0438 Checkpoint, \u043c\u0438\u043d\u0438\u043c\u0443\u043c 4 \u0434\u044b\u0440\u044b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432\u0436\u0438\u0432\u0443\u044e.\n\n23 \u0434\u0435\u0444\u0435\u043a\u0442\u0430 \u0432 Adobe Commerce (\u0432 \u0434\u0435\u0432\u0438\u0447\u0435\u0441\u0442\u0432\u0435 Magento) \u0442\u043e\u0436\u0435 \u043d\u0430\u043c\u0435\u043a\u0430\u044e\u0442 \u043d\u0430 \u0441\u0440\u043e\u0447\u043d\u043e\u0441\u0442\u044c \u043f\u0430\u0442\u0447\u0438\u043d\u0433\u0430: 7 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2024-39397 (CVSS 9.0) \u2014 RCE \u0438\u0437-\u0437\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u0430 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. \n\n\u27a1\ufe0f\n\nSAP \u0432 \u0441\u0432\u043e\u0435\u043c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 17 \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f  CVE-2024-41730 \u0441\u043e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u043c CVSS 9.8 \u2014 \u044d\u0442\u043e\u0442 \u0434\u0435\u0444\u0435\u043a\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0446\u0435\u043b\u0438\u043a\u043e\u043c \u043e\u0431\u043e\u0439\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u0432  SAP BusinessObjects 430 \u0438 440 \u0438 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0434\u0438\u0441\u0442\u0430\u043d\u0446\u0438\u043e\u043d\u043d\u043e.\n \n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u043f\u0430\u0442\u0447\u0438 #microsoft @\u041f2\u0422", "creation_timestamp": "2024-08-14T12:33:33.000000Z"}, {"uuid": "652ea415-1265-42e1-ad07-2fc791c5729b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38104", "type": "seen", "source": "https://t.me/cvedetector/391", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38104 - Windows Fax Service Remote Code Execution Vulnerab\", \n  \"Content\": \"CVE ID : CVE-2024-38104 \nPublished : July 9, 2024, 5:15 p.m. | 27\u00a0minutes ago \nDescription : Windows Fax Service Remote Code Execution Vulnerability \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T19:48:27.000000Z"}, {"uuid": "88215de4-49cc-4589-a1af-b98eca51369a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3647", "content": "#Kernel_Security\nDissecting the CVE-2024-38106 Fix\nhttps://www.pixiepointsecurity.com/blog/nday-cve-2024-38106", "creation_timestamp": "2024-09-13T16:19:32.000000Z"}, {"uuid": "8d76d3e1-0c60-4e7d-86cc-35ed2abd9a5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38102", "type": "seen", "source": "https://t.me/cvedetector/389", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38102 - Windows Layer-2 Bridge Network Driver Denial of Se\", \n  \"Content\": \"CVE ID : CVE-2024-38102 \nPublished : July 9, 2024, 5:15 p.m. | 27\u00a0minutes ago \nDescription : Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T19:48:22.000000Z"}, {"uuid": "4fabc610-c35d-4d56-83b2-9ff07615e64f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "exploited", "source": "https://t.me/CyberBulletin/535", "content": "\u26a1\ufe0fCVE-2024-38106: 0-Day Windows Kernel Vulnerability Exploited in the Wild, PoC Published.\n\n#CyberBulletin", "creation_timestamp": "2024-09-04T08:57:18.000000Z"}, {"uuid": "248baafc-b1cd-4488-bf26-f53f5cbb968f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/2177", "content": "https://github.com/Florian-Hoth/CVE-2024-38100-RCE-POC", "creation_timestamp": "2024-08-07T20:11:17.000000Z"}, {"uuid": "02d80029-7a5a-440a-851a-02dfebc22850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38103", "type": "seen", "source": "https://t.me/cvedetector/1656", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38103 - Microsoft Edge Internal URL Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-38103 \nPublished : July 25, 2024, 10:15 p.m. | 41\u00a0minutes ago \nDescription : Microsoft Edge (Chromium-based) Information Disclosure Vulnerability \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-26T01:16:49.000000Z"}, {"uuid": "85dde4bc-7a5d-4010-8974-2991772aab71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "seen", "source": "https://t.me/cvedetector/395", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38100 - Windows File Explorer Elevation of Privilege Vulne\", \n  \"Content\": \"CVE ID : CVE-2024-38100 \nPublished : July 9, 2024, 5:15 p.m. | 27\u00a0minutes ago \nDescription : Windows File Explorer Elevation of Privilege Vulnerability \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T19:48:34.000000Z"}, {"uuid": "f51b2936-d083-4349-8166-9d50d1d7cf1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38101", "type": "seen", "source": "https://t.me/cvedetector/394", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38101 - Windows Layer-2 Bridge Network Driver Denial of Se\", \n  \"Content\": \"CVE ID : CVE-2024-38101 \nPublished : July 9, 2024, 5:15 p.m. | 27\u00a0minutes ago \nDescription : Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T19:48:30.000000Z"}, {"uuid": "a5d76faf-905f-4a8f-870f-ec0b68fca422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/767", "content": "#Kernel_Security\nDissecting the CVE-2024-38106 Fix\nhttps://www.pixiepointsecurity.com/blog/nday-cve-2024-38106", "creation_timestamp": "2024-09-13T16:19:32.000000Z"}, {"uuid": "db7110b9-bf30-407f-87ae-346b838e5d3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "published-proof-of-concept", "source": "https://t.me/dc_main/6319", "content": "FakePotato \u0437\u0430\u0440\u0435\u0433\u0435\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u043a\u0430\u043a CVE-2024-38100. \u041e\u043f\u044f\u0442\u044c DCOM \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438... \n\nhttps://decoder.cloud/2024/08/02/the-fake-potato/\n\n\u041f\u043e\u043c\u0435\u0447\u0435\u043d\u043e \u043a\u0430\u043a \"Important LPE\", \u043d\u043e \u0437\u0430\u043f\u0430\u0442\u0447\u0435\u043d\u043e \u0432 \u0438\u044e\u043b\u0435...\n\n#pentest #redteam #lpe #ad", "creation_timestamp": "2024-08-08T13:55:57.000000Z"}, {"uuid": "a9887cb4-91d0-4941-9806-050a22b40518", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/8678", "content": "\u200aCVE-2024-38100: Leaked Wallpaper Exploit Exposes Windows Users to Privilege Escalation Attacks\n\nhttps://securityonline.info/cve-2024-38100-leaked-wallpaper-exploit-exposes-windows-users-to-privilege-escalation-attacks/", "creation_timestamp": "2024-08-05T11:10:43.000000Z"}, {"uuid": "b7d361ec-76bf-4b24-905b-b95e810bf084", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/596", "content": "Tools - Hackers Factory \n\nOffensive_security\n\n1. PANIX - Linux Persistence Tool\ngithub.com/Aegrah/PANIX\n\n2. RedGuard - C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check\n\ngithub.com/wikiZ/RedGuard\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\n\nhttps://github.com/MzHmO/LeakedWallpaper\n\nLeaked-Credentials\n\nhttps://github.com/h4x0r-dz/Leaked-Credentials\n\nCVE-2024-22243: URL-parsing vulnerability in Java Spring Framework\n\nhttps://github.com/SeanPesce/CVE-2024-22243\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider/tree/main\n\nTorBot\n\nhttps://github.com/DedSecInside/TorBot\n\nCheck for the existence of an email on Google platforms\n\nhttps://github.com/ranlo/check-google-user\n\nADExplorerSnapshot-rs\n\nhttps://github.com/t94j0/adexplorersnapshot-rs\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-05T06:19:15.000000Z"}, {"uuid": "d0ee2fe5-b4e3-45a6-abd8-0233727c57a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "exploited", "source": "https://t.me/InfoSecInsider/23640", "content": "\u26a1\ufe0fCVE-2024-38106: 0-Day Windows Kernel Vulnerability Exploited in the Wild, PoC Published.\n\n#CyberBulletin", "creation_timestamp": "2024-09-05T06:58:00.000000Z"}, {"uuid": "9a69c6fd-fd63-4328-af3a-f6f172fa10e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8479", "content": "Tools - Hackers Factory \n\nOffensive_security\n\n1. PANIX - Linux Persistence Tool\ngithub.com/Aegrah/PANIX\n\n2. RedGuard - C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check\n\ngithub.com/wikiZ/RedGuard\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\n\nhttps://github.com/MzHmO/LeakedWallpaper\n\nLeaked-Credentials\n\nhttps://github.com/h4x0r-dz/Leaked-Credentials\n\nCVE-2024-22243: URL-parsing vulnerability in Java Spring Framework\n\nhttps://github.com/SeanPesce/CVE-2024-22243\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider/tree/main\n\nTorBot\n\nhttps://github.com/DedSecInside/TorBot\n\nCheck for the existence of an email on Google platforms\n\nhttps://github.com/ranlo/check-google-user\n\nADExplorerSnapshot-rs\n\nhttps://github.com/t94j0/adexplorersnapshot-rs\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-05T06:19:41.000000Z"}, {"uuid": "f40234a7-5de9-4043-9955-e1ee14cd65a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "published-proof-of-concept", "source": "Telegram/peQiMacQLiPLFnGM_AN8nawpX6yAimWJn0aKYnX-bT1FjJBm", "content": "", "creation_timestamp": "2024-09-04T19:30:58.000000Z"}, {"uuid": "25df1020-af94-4a26-8bd1-f844d81ebeda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38109", "type": "seen", "source": "Telegram/LfogUMBxGpVn17H6Uo0yXtk68arkJ9YyItezZVoolePyzdw", "content": "", "creation_timestamp": "2024-08-24T19:32:31.000000Z"}, {"uuid": "801c5ded-8e9f-4703-8093-2d9e45f7644a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "published-proof-of-concept", "source": "https://t.me/zer0day1ab/118", "content": "FakePotato \u0437\u0430\u0440\u0435\u0433\u0435\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u043a\u0430\u043a CVE-2024-38100. \u041e\u043f\u044f\u0442\u044c DCOM \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438... \n\nhttps://decoder.cloud/2024/08/02/the-fake-potato/\n\n\u041f\u043e\u043c\u0435\u0447\u0435\u043d\u043e \u043a\u0430\u043a \"Important LPE\", \u043d\u043e \u0437\u0430\u043f\u0430\u0442\u0447\u0435\u043d\u043e \u0432 \u0438\u044e\u043b\u0435...\n\n#pentest #redteam #lpe #ad", "creation_timestamp": "2024-08-03T03:42:42.000000Z"}, {"uuid": "ef17f49f-c5ad-4c4e-a5da-deb6896323f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7166", "content": "Tools - Hackers Factory \n\nOffensive_security\n\n1. PANIX - Linux Persistence Tool\ngithub.com/Aegrah/PANIX\n\n2. RedGuard - C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check\n\ngithub.com/wikiZ/RedGuard\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\n\nhttps://github.com/MzHmO/LeakedWallpaper\n\nLeaked-Credentials\n\nhttps://github.com/h4x0r-dz/Leaked-Credentials\n\nCVE-2024-22243: URL-parsing vulnerability in Java Spring Framework\n\nhttps://github.com/SeanPesce/CVE-2024-22243\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider/tree/main\n\nTorBot\n\nhttps://github.com/DedSecInside/TorBot\n\nCheck for the existence of an email on Google platforms\n\nhttps://github.com/ranlo/check-google-user\n\nADExplorerSnapshot-rs\n\nhttps://github.com/t94j0/adexplorersnapshot-rs\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-05T06:19:41.000000Z"}, {"uuid": "2b0deb53-f2ee-4ede-a492-7347912cce79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38103", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1227", "content": "\ud83d\udccd #\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc_\u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 #Microsoft_Edge: \u0644\u0632\u0648\u0645 \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0641\u0648\u0631\u06cc\n\n\u0645\u0631\u0648\u0631\u06af\u0631 Microsoft Edge \u0627\u062e\u06cc\u0631\u0627\u064b \u062f\u0633\u062a\u062e\u0648\u0634 \u0686\u0646\u062f\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u0627\u0633\u062a \u06a9\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 \u0639\u0648\u0627\u0642\u0628 \u0648\u062e\u06cc\u0645\u06cc \u0645\u0627\u0646\u0646\u062f \u0627\u0646\u06a9\u0627\u0631 \u0633\u0631\u0648\u06cc\u0633\u060c \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0648 \u0627\u0641\u0634\u0627\u06cc \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062d\u0633\u0627\u0633 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0634\u0648\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u062f\u0631 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u067e\u06cc\u0634 \u0627\u0632 127.0.2651.74 \u0627\u06cc\u0646 \u0645\u0631\u0648\u0631\u06af\u0631 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647\u200c\u0627\u0646\u062f.\n\n\u062a\u0648\u0635\u06cc\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc:\n- \u0628\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0641\u0648\u0631\u06cc: \u0628\u0631\u0627\u06cc \u0631\u0641\u0639 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u060c \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0627\u06cc\u062f \u0647\u0631\u0686\u0647 \u0633\u0631\u06cc\u0639\u200c\u062a\u0631 \u0628\u0647 \u0646\u0633\u062e\u0647 127.0.2651.74 \u06cc\u0627 \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u062c\u062f\u06cc\u062f\u062a\u0631 Microsoft Edge \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u06a9\u0646\u0646\u062f.\n- \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631: \u0642\u0628\u0644 \u0627\u0632 \u0646\u0635\u0628 \u0647\u0631 \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631\u06cc\u060c \u0628\u0647 \u0648\u06cc\u0698\u0647 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u060c \u062d\u062a\u0645\u0627\u064b \u0635\u062d\u062a \u0648 \u0627\u0635\u0627\u0644\u062a \u0622\u0646 \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0648\u0628\u200c\u0633\u0627\u06cc\u062a \u0631\u0633\u0645\u06cc \u0641\u0631\u0648\u0634\u0646\u062f\u0647 \u062a\u0623\u06cc\u06cc\u062f \u06a9\u0646\u06cc\u062f.\n\n\u062c\u0632\u0626\u06cc\u0627\u062a \u0641\u0646\u06cc: \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0628\u0627 \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2024-6988 \u062a\u0627 CVE-2024-7005\u060c CVE-2024-38103 \u0648 CVE-2024-39379 \u0634\u0646\u0627\u062e\u062a\u0647 \u0645\u06cc\u200c\u0634\u0648\u0646\u062f \u0648 \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0634\u062f\u062a \u0628\u0627\u0644\u0627\u06cc \u062e\u0637\u0631\u060c \u0646\u06cc\u0627\u0632\u0645\u0646\u062f \u062a\u0648\u062c\u0647 \u0648\u06cc\u0698\u0647 \u06a9\u0627\u0631\u0634\u0646\u0627\u0633\u0627\u0646 \u0627\u0645\u0646\u06cc\u062a \u0633\u0627\u06cc\u0628\u0631\u06cc \u0647\u0633\u062a\u0646\u062f.\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\ud83c\udf10 https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities_20240726\n\n\ud83d\udccd Critical Vulnerabilities in Microsoft Edge: Urgent Update Required\n\nThe Microsoft Edge browser has recently been exposed to several severe vulnerabilities that could lead to severe consequences such as denial of service, remote execution of malicious code, and disclosure of sensitive user information. These vulnerabilities have been identified in versions prior to 127.0.2651.74 of the browser.\n\nSecurity Recommendations:\n- Immediate Update: Users should update to version 127.0.2651.74 or later of Microsoft Edge as soon as possible to address these vulnerabilities.\n- Software Validation: Before installing any software, especially updates, ensure its authenticity and validity through the official vendor's website.\n\nTechnical Details: These vulnerabilities are identified by CVE-2024-6988 through CVE-2024-7005, CVE-2024-38103, and CVE-2024-39379. Due to their high severity, they require special attention from cybersecurity experts.\n\n\ud83d\udd17 To read the full article, visit:\n\n\ud83c\udf10 https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities_20240726", "creation_timestamp": "2024-07-31T14:40:48.000000Z"}, {"uuid": "3e227517-8037-4b65-ace5-b9f881c8cc66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "seen", "source": "https://t.me/true_secator/6090", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u0443\u0432\u0435\u0441\u0438\u0441\u0442\u044b\u0439 PatchTuesday \u043e\u0442 Microsoft \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438\u00a090 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u043e\u0441\u0435\u043c\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, 79 - \u00ab\u0432\u0430\u0436\u043d\u044b\u0445\u00bb \u0438 10 0-day.\n\n\u0412 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 36 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 EoP, 4 - \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 28 - RCE, 8 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 6 - DoS \u0438 7 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430.\n\n\u0418\u0437 10 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 Patch Tuesday \u043d\u0443\u043b\u0435\u0439 \u0448\u0435\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u0442\u0440\u0438 \u0431\u044b\u043b\u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0438 \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f  \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442, \u043d\u043e Microsoft \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430\u0434 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\n\n\u0412 \u0447\u0438\u0441\u043b\u043e \u0448\u0435\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043d\u0443\u043b\u0435\u0439 \u0432\u043e\u0448\u043b\u0438:\n\n- CVE-2024-38178: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432\u043e\u0433\u043e \u0434\u0432\u0438\u0436\u043a\u0430. \u0414\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u043b\u0438\u0435\u043d\u0442 \u0449\u0435\u043b\u043a\u043d\u0443\u043b \u0441\u0441\u044b\u043b\u043a\u0443 \u0432 Microsoft Edge \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 Internet Explorer, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c RCE. \u041f\u041e \u0434\u0430\u043d\u043d\u044b\u043c NCSC \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0438 \u0438 AhnLab, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u0438 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n- CVE-2024-38193: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0432\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Windows \u0434\u043b\u044f WinSock, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 SYSTEM. \u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0430 Gen Digital, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f Microsoft \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u0435\u0442.\n\n- CVE-2024-38213: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows Mark of the Web, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u0445\u043e\u0434\u044f\u0442 \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Trend Micro\u2019s Zero Day Initiative, \u043d\u043e \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f.\n\n- CVE-2024-38106: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a EoP. \u0414\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438. Microsoft \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430, \u043a\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u0435\u0435 \u043d\u0430\u0448\u0435\u043b \u0438 \u043a\u0430\u043a \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430.\n\n- CVE-2024-38107: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows Power Dependency Coordinator. \u0410\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442.\n\n- CVE-2024-38189: RCE-\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Project. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0436\u0435\u0440\u0442\u0432\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b Microsoft Office Project \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0433\u0434\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u0430\u043a\u0440\u043e\u0441\u043e\u0432 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 Office \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0439 \u043e \u043c\u0430\u043a\u0440\u043e\u0441\u0430\u0445 VBA. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u0442.\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\n- CVE-2024-38199: RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows Line Printer Daemon (LPD). \u041d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u0437\u0430\u0434\u0430\u043d\u0438\u0435 \u043f\u0435\u0447\u0430\u0442\u0438 \u0432 \u043e\u0431\u0449\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u043b\u0443\u0436\u0431\u0443 LPD \u043f\u043e \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f RCE \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n- CVE-2024-21302: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate.\n\n- CVE-2024-38200: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Office, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u043a\u0440\u0430\u0441\u0442\u044c \u0445\u044d\u0448\u0438 NTLM.\n\n- CVE-2024-38202: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0435\u043a\u0430 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u0438 \u043a\u0430\u0436\u0434\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 - \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2024-08-14T12:17:01.000000Z"}, {"uuid": "2207801f-40e2-4459-b563-0ee63ae30202", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38107", "type": "seen", "source": "https://t.me/true_secator/6090", "content": "\u041f\u043e\u0434\u043a\u0430\u0442\u0438\u043b \u0443\u0432\u0435\u0441\u0438\u0441\u0442\u044b\u0439 PatchTuesday \u043e\u0442 Microsoft \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438\u00a090 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0432\u043e\u0441\u0435\u043c\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, 79 - \u00ab\u0432\u0430\u0436\u043d\u044b\u0445\u00bb \u0438 10 0-day.\n\n\u0412 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e 36 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 EoP, 4 - \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, 28 - RCE, 8 - \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, 6 - DoS \u0438 7 - \u0441\u043f\u0443\u0444\u0438\u043d\u0433\u0430.\n\n\u0418\u0437 10 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 Patch Tuesday \u043d\u0443\u043b\u0435\u0439 \u0448\u0435\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u0442\u0440\u0438 \u0431\u044b\u043b\u0438 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0438 \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f  \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442, \u043d\u043e Microsoft \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043d\u0430\u0434 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\n\n\u0412 \u0447\u0438\u0441\u043b\u043e \u0448\u0435\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u043d\u0443\u043b\u0435\u0439 \u0432\u043e\u0448\u043b\u0438:\n\n- CVE-2024-38178: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0430\u043c\u044f\u0442\u0438 \u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0432\u043e\u0433\u043e \u0434\u0432\u0438\u0436\u043a\u0430. \u0414\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043a\u043b\u0438\u0435\u043d\u0442 \u0449\u0435\u043b\u043a\u043d\u0443\u043b \u0441\u0441\u044b\u043b\u043a\u0443 \u0432 Microsoft Edge \u0432 \u0440\u0435\u0436\u0438\u043c\u0435 Internet Explorer, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c RCE. \u041f\u041e \u0434\u0430\u043d\u043d\u044b\u043c NCSC \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0438 \u0438 AhnLab, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043f\u0440\u0438 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n- CVE-2024-38193: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0432\u0441\u043f\u043e\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Windows \u0434\u043b\u044f WinSock, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 SYSTEM. \u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0430 Gen Digital, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f Microsoft \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u0435\u0442.\n\n- CVE-2024-38213: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Windows Mark of the Web, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0431\u0445\u043e\u0434\u044f\u0442 \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430\u00a0\u0432 \u0440\u0430\u043c\u043a\u0430\u0445 Trend Micro\u2019s Zero Day Initiative, \u043d\u043e \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f.\n\n- CVE-2024-38106: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a EoP. \u0414\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438. Microsoft \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430, \u043a\u0442\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u0435\u0435 \u043d\u0430\u0448\u0435\u043b \u0438 \u043a\u0430\u043a \u043e\u043d\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430.\n\n- CVE-2024-38107: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Windows Power Dependency Coordinator. \u0410\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043d\u0435\u0442.\n\n- CVE-2024-38189: RCE-\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Project. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0436\u0435\u0440\u0442\u0432\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u0444\u0430\u0439\u043b Microsoft Office Project \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0433\u0434\u0435 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043f\u043e\u043b\u0438\u0442\u0438\u043a\u0430 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043c\u0430\u043a\u0440\u043e\u0441\u043e\u0432 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 Office \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0438 \u043d\u0435 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u0443\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0439 \u043e \u043c\u0430\u043a\u0440\u043e\u0441\u0430\u0445 VBA. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u0442\u0430\u043a\u0436\u0435 \u043d\u0435\u0442.\n\n\u0412 \u0447\u0438\u0441\u043b\u0435 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439:\n\n- CVE-2024-38199: RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows Line Printer Daemon (LPD). \u041d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0435 \u0437\u0430\u0434\u0430\u043d\u0438\u0435 \u043f\u0435\u0447\u0430\u0442\u0438 \u0432 \u043e\u0431\u0449\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u043b\u0443\u0436\u0431\u0443 LPD \u043f\u043e \u0441\u0435\u0442\u0438 \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f RCE \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435.\n\n- CVE-2024-21302: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate.\n\n- CVE-2024-38200: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Microsoft Office, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0432\u0448\u0430\u044f \u043a\u0440\u0430\u0441\u0442\u044c \u0445\u044d\u0448\u0438 NTLM.\n\n- CVE-2024-38202: EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0442\u0435\u043a\u0430 \u0426\u0435\u043d\u0442\u0440\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Windows, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0430\u0442\u0430\u043a\u043e\u0439 Windows Downdate. \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u043e\u043a\u0430 \u043d\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e.\n\n\u041f\u043e\u043b\u043d\u044b\u0439 \u043f\u0435\u0440\u0435\u0447\u0435\u043d\u044c \u0441 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u0438 \u043a\u0430\u0436\u0434\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 - \u0437\u0434\u0435\u0441\u044c.", "creation_timestamp": "2024-08-14T12:17:01.000000Z"}, {"uuid": "7c7e52ad-fa1c-4cb5-a5ee-a74dc91ac44d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6173", "content": "\u0412 \u0446\u0435\u043b\u043e\u043c \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043a\u0430\u0440\u0442\u0438\u043d\u0430 \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c.\n\nGoogle \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0434\u0432\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f Chrome 128 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f 8 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f 6 \u0448\u0435\u0441\u0442\u044c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432\u043d\u0435\u0448\u043d\u0438\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Microsoft, \u0440\u0430\u043d\u0435\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432 Chrome CVE-2024-7971 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043a\u0430\u043a \u043d\u0443\u043b\u044c \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439 Citrine Sleet, \u0447\u0442\u043e \u0434\u043b\u044f \u043a\u043e\u0440\u0435\u0439\u0441\u043a\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0441\u0442\u0430\u043b\u043e \u0443\u0436\u0435 \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u0435\u0439.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, PixiePoint \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0430\u043d\u0430\u043b\u0438\u0437 CVE-2024-38106, \u043d\u0443\u043b\u0435 \u0432 \u044f\u0434\u0440\u0435 Windows, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0442\u0430\u043a\u0436\u0435 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c Citrine Sleet \u0432 \u0430\u0442\u0430\u043a\u0430\u0445, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u0441\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e.\n\nSecureLayer7 \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0430 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 CVE-2024-37084 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 Skipper Spring Cloud Data Flow, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432 \u0438\u044e\u043b\u0435.\n\nRCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0442\u043e\u0440\u0430 Yaml, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b, \u0447\u0442\u043e \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u0435\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0430\u0442\u0430\u043a\u0430\u043c, \u0435\u0441\u043b\u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 YAML.\n\nVMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438\u00a0\u0434\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Fusion, \u0430 \u0434\u043b\u044f \u043a\u0430\u043c\u0435\u0440 AVTech \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u043d\u043e\u0432\u044b\u0439 PoC\u00a0(\u0441\u0442\u0430\u0440\u044b\u0439 \u0437\u0434\u0435\u0441\u044c), \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e 0-day CVE-2024-7029, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u043e\u0441\u044c \u0440\u0430\u043d\u0435\u0435.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Fudgedotdotdot \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043e\u0431\u0437\u043e\u0440 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0435\u0441\u043e\u0447\u043d\u0438\u0446\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\n\u041f\u043e\u0440\u0430\u0434\u043e\u0432\u0430\u043b\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0421\u0430\u0439\u0431\u0435\u0440\u041e\u041a \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u0427\u0435\u0440\u043d\u0435\u043d\u044c\u043a\u043e\u0432 \u0438 \u0421\u0435\u0440\u0433\u0435\u0439 \u0413\u043e\u0440\u0434\u0435\u0439\u0447\u0438\u043a, \u043e\u043a\u0430\u0437\u0430\u0432\u0448\u0438\u0435 \u043f\u043e\u043c\u043e\u0449\u044c \u0432 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Webmin, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438 Loop DoS (CVE-2024-2169). \n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c Webmin - \u044d\u0442\u043e \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c\u0438 \u0441 \u0431\u043e\u043b\u0435\u0435 \u0447\u0435\u043c 1 000 000 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443. \n\nWebmin/Virtualmin \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 UDP, \u043e\u0431\u044b\u0447\u043d\u043e \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u0435 \u043d\u0430 \u043f\u043e\u0440\u0442\u0443 UDP/10000.\n\n\u042d\u0442\u0430 \u0441\u043b\u0443\u0436\u0431\u0430 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u043d\u0430 \u043b\u044e\u0431\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 UDP IP-\u0430\u0434\u0440\u0435\u0441\u043e\u043c \u0438 \u043f\u043e\u0440\u0442\u043e\u043c, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043f\u0430\u043d\u0435\u043b\u044c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \n\n\u0422\u0430\u043a\u043e\u0435 \u043f\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 Loop DoS \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 UDP \u0441 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c ip-\u043f\u043e\u0440\u0442\u043e\u043c \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u0440\u0443\u0433\u043e\u0433\u043e IP-\u0430\u0434\u0440\u0435\u0441\u0430 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430 Webmin, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0431\u0435\u0441\u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c\u0443 \u043e\u0431\u043c\u0435\u043d\u0443 \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c \u043c\u0435\u0436\u0434\u0443 \u0445\u043e\u0441\u0442\u0430\u043c\u0438, \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DOS) \u0438/\u0438\u043b\u0438 \u0437\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u044e \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438.", "creation_timestamp": "2024-09-05T19:00:06.000000Z"}, {"uuid": "f63d1bd9-4719-4c65-8b20-7301376b4235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "seen", "source": "https://t.me/true_secator/6212", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043e\u0442\u0440\u0430\u0441\u043b\u0435\u0432\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n1. Ivanti, \u043a\u0430\u043a \u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c, \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0430\u0441\u044c \u0441 \u044d\u043a\u0430\u043f\u043b\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Cloud Service Appliance (CSA). CVE-2024-8190 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Ivanti CSA \u0441 \u0438\u0441\u0442\u0435\u043a\u0448\u0438\u043c \u0441\u0440\u043e\u043a\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u043e\u0441\u0438\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0438\u0445\u0441\u044f \u0430\u0442\u0430\u043a.\n\n2. Horizon3 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2024-29847, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE \u0432 Ivanti Endpoint Manager, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0438 \u0442\u0443\u0442 \u0441\u0442\u043e\u0438\u0442 \u043e\u0436\u0438\u0434\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n3. Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Vision Pro \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u0423\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u0424\u043b\u043e\u0440\u0438\u0434\u044b \u0438 \u0422\u0435\u0445\u0430\u0441\u0441\u043a\u043e\u0433\u043e \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0438, \u043f\u0440\u043e\u0441\u0442\u043e \u0432\u0437\u0433\u043b\u044f\u043d\u0443\u0432 \u043d\u0430 \u043a\u043b\u0430\u0432\u0438\u0448\u0438.\n\n\u041c\u0435\u0442\u043e\u0434 \u0430\u0442\u0430\u043a\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 GAZEploit \u0438 \u0435\u0433\u043e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043f\u0435\u0447\u0430\u0442\u0430\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c Vision Pro, \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f \u0433\u043b\u0430\u0437.\n\n\u0410\u0442\u0430\u043a\u0430 \u0431\u044b\u043b\u0430 \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 30 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u0445 \u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0442\u043e\u0447\u043d\u043e\u0441\u0442\u044c.\n\nApple \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0430\u043a\u00a0CVE-2024-40865\u00a0 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0435\u0435 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c visionOS 1.3. \n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f visionOS 1.3 \u0431\u044b\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u043e\u043d\u0446\u0435 \u0438\u044e\u043b\u044f, \u043d\u043e 5 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f Apple \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0435\u0435, \u0432\u043a\u043b\u044e\u0447\u0438\u0432 CVE-2024-40865.\u00a0\n\n4. \u0415\u0449\u0435 \u043f\u043e Apple: \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432 iOS 18 \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0435\u0442\u00a0\u0444\u0443\u043d\u043a\u0446\u0438\u044e\u00a0\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b iPhone, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u043a\u0430\u043c\u0435\u0440\u044b, \u0430\u043a\u043a\u0443\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u044b \u0438 \u0434\u0438\u0441\u043f\u043b\u0435\u0438. \n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u043b\u044e\u0441\u043e\u0432 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0430 \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u0441\u0443\u043b\u0438\u0442 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u043c\u043e\u043d\u0442\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0434\u043b\u044f \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u043c\u0430\u0441\u0442\u0435\u0440\u0441\u043a\u0438\u0445.\n\n5. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0413\u0430\u0431\u043e\u0440 \u041b\u0435\u0433\u0440\u0430\u0434\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Spring Java. \n\nCVE-2024-38816 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043b\u044e\u0431\u043e\u043c\u0443 \u0444\u0430\u0439\u043b\u0443 \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430.\n\n\u0410\u0442\u0430\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. \u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n6. \u041c\u0438\u043a\u043a\u043e \u041a\u0435\u043d\u0442\u0442\u044f\u043b\u044f \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u043e\u0442\u0447\u0435\u0442 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0441\u0435\u0440\u0438\u0438 \u043e\u0448\u0438\u0431\u043e\u043a, \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0445 \u0434\u0432\u0430 \u0433\u043e\u0434\u0430 \u043d\u0430\u0437\u0430\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f Zero Click \u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0440\u0435\u0434\u044b \u043a\u0430\u043b\u0435\u043d\u0434\u0430\u0440\u044f macOS. \u0412\u0441\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 2022 \u043f\u043e \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c 2023 \u0433\u043e\u0434\u0430.\n\n7. \u0412 Positive Technologies \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e \u0441\u0430\u043c\u044b\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0412 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u044b \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435:\n\n- RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Windows Remote Desktop Licensing Service, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 MadLicense (CVE-2024-38077);\n\n- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 Mark of the Web \u0432 Windows, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 (CVE-2024-38213);\n\n- EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u044f\u0434\u0440\u0435 Windows (CVE-2024-38106), \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Ancillary Function (CVE-2024-38193) \u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Power Dependency Coordinator (CVE-2024-38107);\n\n- EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 LiteSpeed Cache \u0434\u043b\u044f WordPress CMS (CVE-2024-28000).", "creation_timestamp": "2024-09-16T19:00:07.000000Z"}, {"uuid": "f96cc48e-2f8b-4115-b6e0-877a5f7591c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38107", "type": "seen", "source": "https://t.me/true_secator/6212", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u043e\u0442\u0440\u0430\u0441\u043b\u0435\u0432\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n1. Ivanti, \u043a\u0430\u043a \u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c, \u0441\u0442\u043e\u043b\u043a\u043d\u0443\u043b\u0430\u0441\u044c \u0441 \u044d\u043a\u0430\u043f\u043b\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Cloud Service Appliance (CSA). CVE-2024-8190 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435. \n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Ivanti CSA \u0441 \u0438\u0441\u0442\u0435\u043a\u0448\u0438\u043c \u0441\u0440\u043e\u043a\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u0440\u043e\u0441\u0438\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0449\u0438\u0445\u0441\u044f \u0430\u0442\u0430\u043a.\n\n2. Horizon3 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0430\u043d\u0430\u043b\u0438\u0437 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2024-29847, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE \u0432 Ivanti Endpoint Manager, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0438 \u0442\u0443\u0442 \u0441\u0442\u043e\u0438\u0442 \u043e\u0436\u0438\u0434\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n3. Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Vision Pro \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 \u0423\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u0424\u043b\u043e\u0440\u0438\u0434\u044b \u0438 \u0422\u0435\u0445\u0430\u0441\u0441\u043a\u043e\u0433\u043e \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0443\u043d\u0438\u0432\u0435\u0440\u0441\u0438\u0442\u0435\u0442\u0430 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0438, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u0432\u0435\u0434\u0435\u043d\u043d\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0438, \u043f\u0440\u043e\u0441\u0442\u043e \u0432\u0437\u0433\u043b\u044f\u043d\u0443\u0432 \u043d\u0430 \u043a\u043b\u0430\u0432\u0438\u0448\u0438.\n\n\u041c\u0435\u0442\u043e\u0434 \u0430\u0442\u0430\u043a\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 GAZEploit \u0438 \u0435\u0433\u043e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043f\u0435\u0447\u0430\u0442\u0430\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c Vision Pro, \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u043d\u0438\u044f \u0434\u0432\u0438\u0436\u0435\u043d\u0438\u044f \u0433\u043b\u0430\u0437.\n\n\u0410\u0442\u0430\u043a\u0430 \u0431\u044b\u043b\u0430 \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 \u043d\u0430 30 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u0445 \u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u043b\u0430 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u0443\u044e \u0442\u043e\u0447\u043d\u043e\u0441\u0442\u044c.\n\nApple \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u0430\u043a\u00a0CVE-2024-40865\u00a0 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0435\u0435 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c visionOS 1.3. \n\n\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f visionOS 1.3 \u0431\u044b\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u0432 \u043a\u043e\u043d\u0446\u0435 \u0438\u044e\u043b\u044f, \u043d\u043e 5 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f Apple \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0435\u0435, \u0432\u043a\u043b\u044e\u0447\u0438\u0432 CVE-2024-40865.\u00a0\n\n4. \u0415\u0449\u0435 \u043f\u043e Apple: \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432 iOS 18 \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0435\u0442\u00a0\u0444\u0443\u043d\u043a\u0446\u0438\u044e\u00a0\u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b iPhone, \u0442\u0430\u043a\u0438\u0435 \u043a\u0430\u043a \u043a\u0430\u043c\u0435\u0440\u044b, \u0430\u043a\u043a\u0443\u043c\u0443\u043b\u044f\u0442\u043e\u0440\u044b \u0438 \u0434\u0438\u0441\u043f\u043b\u0435\u0438. \n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043f\u043b\u044e\u0441\u043e\u0432 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0430 \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u0441\u0443\u043b\u0438\u0442 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u043c\u043e\u043d\u0442\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0434\u043b\u044f \u0447\u0430\u0441\u0442\u043d\u044b\u0445 \u043c\u0430\u0441\u0442\u0435\u0440\u0441\u043a\u0438\u0445.\n\n5. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0413\u0430\u0431\u043e\u0440 \u041b\u0435\u0433\u0440\u0430\u0434\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Spring Java. \n\nCVE-2024-38816 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043b\u044e\u0431\u043e\u043c\u0443 \u0444\u0430\u0439\u043b\u0443 \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f, \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430.\n\n\u0410\u0442\u0430\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432. \u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 VMware \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n\n6. \u041c\u0438\u043a\u043a\u043e \u041a\u0435\u043d\u0442\u0442\u044f\u043b\u044f \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u043e\u0442\u0447\u0435\u0442 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0441\u0435\u0440\u0438\u0438 \u043e\u0448\u0438\u0431\u043e\u043a, \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u044b\u0445 \u0434\u0432\u0430 \u0433\u043e\u0434\u0430 \u043d\u0430\u0437\u0430\u0434, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f Zero Click \u0430\u0442\u0430\u043a \u043d\u0430 \u0441\u0440\u0435\u0434\u044b \u043a\u0430\u043b\u0435\u043d\u0434\u0430\u0440\u044f macOS. \u0412\u0441\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 2022 \u043f\u043e \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044c 2023 \u0433\u043e\u0434\u0430.\n\n7. \u0412 Positive Technologies \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u044e\u0442 \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e \u0441\u0430\u043c\u044b\u0435 \u043e\u043f\u0430\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0412 \u0430\u0432\u0433\u0443\u0441\u0442\u0435 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u044b \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435:\n\n- RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Windows Remote Desktop Licensing Service, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 MadLicense (CVE-2024-38077);\n\n- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 Mark of the Web \u0432 Windows, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 (CVE-2024-38213);\n\n- EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u044f\u0434\u0440\u0435 Windows (CVE-2024-38106), \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 Ancillary Function (CVE-2024-38193) \u0438 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Power Dependency Coordinator (CVE-2024-38107);\n\n- EoP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 LiteSpeed Cache \u0434\u043b\u044f WordPress CMS (CVE-2024-28000).", "creation_timestamp": "2024-09-16T19:00:07.000000Z"}, {"uuid": "275a6662-ab63-47bb-b035-711f88a56512", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "published-proof-of-concept", "source": "https://t.me/RalfHackerChannel/1514", "content": "FakePotato \u0437\u0430\u0440\u0435\u0433\u0435\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043e \u043a\u0430\u043a CVE-2024-38100. \u041e\u043f\u044f\u0442\u044c DCOM \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0430 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438... \n\nhttps://decoder.cloud/2024/08/02/the-fake-potato/\n\n\u041f\u043e\u043c\u0435\u0447\u0435\u043d\u043e \u043a\u0430\u043a \"Important LPE\", \u043d\u043e \u0437\u0430\u043f\u0430\u0442\u0447\u0435\u043d\u043e \u0432 \u0438\u044e\u043b\u0435... MS \u0442\u0430\u043a\u043e\u0439 MS \ud83d\ude05\ud83d\ude02\n\n#pentest #redteam #lpe #ad", "creation_timestamp": "2024-08-02T19:54:47.000000Z"}, {"uuid": "52c1bc84-79de-4258-92e8-5a0d7c8ae37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38100", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10917", "content": "#tools\n#Offensive_security\nDeadPotato Privilege Escalation Utility\n(CVE-2024-38100)\nhttps://github.com/lypd0/DeadPotato\n]-> https://github.com/MzHmO/LeakedWallpaper", "creation_timestamp": "2024-08-07T18:08:23.000000Z"}, {"uuid": "d254a47a-a668-49dc-bd11-48acc9abf339", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11121", "content": "#Kernel_Security\nDissecting the CVE-2024-38106 Fix\nhttps://www.pixiepointsecurity.com/blog/nday-cve-2024-38106", "creation_timestamp": "2024-09-12T23:04:14.000000Z"}, {"uuid": "5ad81954-9d9d-4425-94f5-fc915d23fdaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38106", "type": "exploited", "source": "https://t.me/InfoSecInsider/162", "content": "\u26a1\ufe0fCVE-2024-38106: 0-Day Windows Kernel Vulnerability Exploited in the Wild, PoC Published.\n\n#CyberBulletin", "creation_timestamp": "2024-09-05T06:58:06.000000Z"}]}