Security
Headlines
HeadlinesLatestCVEs

Tag

#vulnerability

CVE-2024-49064: Microsoft SharePoint Information Disclosure Vulnerability

**There are multiple update packages available for some of the affected software. Do I need to install all the updates listed in the Security Updates table for the software?** Yes. Customers should apply all updates offered for the software installed on their systems. If multiple updates apply, they can be installed in any order.

Microsoft Security Response Center
#vulnerability#microsoft#Microsoft Office SharePoint#Security Vulnerability
CVE-2024-49059: Microsoft Office Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2024-49057: Microsoft Defender for Endpoint on Android Spoofing Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user must install and use a specially-crafted malicious application on their Android device.

CVE-2024-43594: System Center Operations Manager Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain administrator privileges.

CVE-2024-49068: Microsoft SharePoint Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain the privileges of the compromised user.

CVE-2024-49105: Remote Desktop Client Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An authenticated attacker could exploit the vulnerability by triggering remote code execution (RCE) on the server via a Remote Desktop connection. Alternatively, an authenticated attacker could trigger guest-to-host RCE via a malicious program by connecting to the host using MMC.

GHSA-8qch-vj6m-2694: luigi Arbitrary File Write via Archive Extraction (Zip Slip)

Versions of the package luigi before 3.6.0 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) due to improper destination file path validation in the _extract_packages_archive function.

ShinyHunters, Nemesis Linked to Hacks After Leaking Their AWS S3 Bucket

Summary Cybersecurity researchers have identified a large-scale hacking operation linked to notorious ShinyHunters and Nemesis hacking groups. In…

GHSA-w6rx-9g2x-mg5g: Drupal core contains a potential PHP Object Injection vulnerability

Drupal core contains a potential PHP Object Injection vulnerability that (if combined with another exploit) could lead to Remote Code Execution. It is not directly exploitable. This issue is mitigated by the fact that in order for it to be exploitable, a separate vulnerability must be present to allow an attacker to pass unsafe input to `unserialize()`. There are no such known exploits in Drupal core. To help protect against this potential vulnerability, types have been added to properties in some of Drupal core's classes. If an application extends those classes, the same types may need to be specified on the subclass to avoid a `TypeError`. This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.