https://cve.circl.lu/comment/feed
Most recent activity.
2025-02-22T13:58:43.683415+00:00
Vulnerability-Lookup info@circl.lu
python-feedgen
Contains the recent activity for gally.

https://cve.circl.lu/bundle/c854b418-a4e1-4135-958a-a523843c27f0
Zyxel security advisory for multiple vulnerabilities in firewalls
2025-02-22T13:58:43.692630+00:00

Zyxel has released patches addressing multiple vulnerabilities in some firewall versions. Users are advised to install the patches for optimal protection.

| Firewall series | CVE-2024-6343 | CVE-2024-7203 | CVE-2024-42057 | CVE-2024-42058 | CVE-2024-42059 | CVE-2024-42060 | CVE-2024-42061 | Patch availability |
|---|---|---|---|---|---|---|---|---|
| ATP | ZLD V4.32 to V5.38 | ZLD V4.60 to V5.38 | ZLD V4.32 to V5.38 | ZLD V4.32 to V5.38 | ZLD V5.00 to V5.38 | ZLD V4.32 to V5.38 | ZLD V4.32 to V5.38 | ZLD V5.39 |
| USG FLEX | ZLD V4.50 to V5.38 | ZLD V4.60 to V5.38 | ZLD V4.50 to V5.38 | ZLD V4.50 to V5.38 | ZLD V5.00 to V5.38 | ZLD V4.50 to V5.38 | ZLD V4.50 to V5.38 | ZLD V5.39 |
| USG FLEX 50(W)/USG20(W)-VPN | ZLD V4.16 to V5.38 | Not affected | ZLD V4.16 to V5.38 | ZLD V4.20 to V5.38 | ZLD V5.00 to V5.38 | ZLD V4.16 to V5.38 | ZLD V4.16 to V5.38 | ZLD V5.39 |

2024-09-05T08:38:26.837494+00:00

https://cve.circl.lu/bundle/e49e5ff3-cc60-4b0f-b772-473ad67c3c8c
Cisco Smart Licensing Utility
2025-02-22T13:58:43.692566+00:00

Two critical vulnerabilities in Cisco's Smart Licensing Utility allow remote, unauthenticated attackers to gain privileges or access sensitive data.

Vulnerabilities:

* CVE-2024-20439 (CVSS: 9.8): An undocumented static admin account can be exploited to access affected systems.
* CVE-2024-20440 (CVSS: 7.5): An overly verbose debug log can be exploited via a crafted HTTP request, exposing API credentials.

⚠️ These issues are only exploitable if the licensing utility is actively running. Cisco strongly advises updating systems to mitigate these threats.

2024-09-05T15:32:24.185197+00:00

https://cve.circl.lu/bundle/0f4cd48e-b3f2-4cb5-81ea-77ddf45a56e0
Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD)
2025-02-22T13:58:43.692449+00:00

CVE-2024-20353 is a denial-of-service attack that allows a remote, unauthenticated attacker to cause the device to reload unexpectedly, resulting in a denial-of-service condition.

CVE-2024-20358 is a command injection attack that allows a local, authenticated attacker with Administrator level privileges to run arbitrary commands as root on the underlying device operating system.

CVE-2024-20359 is similar and is an arbitrary code execution attack that allows a local, authenticated attacker with Administrator level privileges to execute arbitrary code as root on the underlying device operating system.

2024-12-20T07:12:35.208963+00:00