Recent comments
Log in or create an account to share your comment.
- CVE-2024-36401 GeoServer Remote Code Execution - https://github.com/0x0d3ad/CVE-2024-36401
Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System
2024-11-08T08:48:36 by Cédric Bonhomme« Nov 05, 2024 Ravie LakshmananMobile Security / Vulnerability Vulnerability in Android System
Google has warned that a security flaw impacting its Android operating system has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2024-43093, has been described as a privilege escalation flaw in the Android Framework component that could result in unauthorized access to "Android/data," "Android/obb," and "Android/sandbox" directories, and their respective sub-directories, according to a code commit message.»
- https://packetstormsecurity.com/files/172820/Zyxel-IKE-Packet-Decoder-Unauthenticated-Remote-Code-Execution.html
We still see exploitation of that vulnerability in a black-hole network.
CVE-2024-10826: Use after free in Family Experiences. Reported by Anonymous on 2024-09-29
High CVE-2024-10827: Use after free in Serial. Reported by Anonymous on 2024-10-23
we’re back, and despite all the buzz about FortiManager - the saga is about to continue.
Please, remove this from the Internet *even if fully patched*
speak soon.
Ref: https://x.com/watchtowrcyber/status/1853262240822276534
A MISP event in JSON format is available with all details and IoCs.