Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber security news, enriched with CVE and vulnerability data. It is updated every 5 minutes and is designed to give users a comprehensive overview of the latest news and trends in the cyber security industry.
- Zero Day Initiative
The April 2024 Security Updates Review
- 0patch.com
Micropatches for Windows Local Session Manager Elevation of Privilege (CVE-2023-21771)
In December of 2022, Ben Barnea of Akamai posted an X thread about a bug they had found in Windows Local Service Manager (LSM) that can lead to local privilege escalation from regular user account to ...
- cert.pl
Vulnerability in Apaczka plugin for PrestaShop
CVE ID: CVE-2024-2759; Publication date: 04 April 2024; Vendor: Alsendo Sp. z o. o.; Product: Apaczka (PrestaShop plugin); Vulnerable versions: through v4; Vulnerability type (CWE): Improper Access Control (CWE- ...
- 0patch.com
Micropatches for Leaking NTLM Credentials Through Windows Themes (CVE-2024-21320)
January 2024 Windows Updates brought a patch for CVE-2024-21320, a privilege escalation vulnerability in Windows. The vulnerability allows a remote attacker to acquire a user's NTLM credentials when the ...
- cert.pl
Vulnerabilities in CDeX software
CVE ID: CVE-2024-2463; Publication date: 21 March 2024; Vendor: CDeX PSA; Product: CDeX; Vulnerable versions: through 5.71; Vulnerability type (CWE): Weak Password Recovery Mechanism for Forgotten Password (CWE- ...
- Trend Micro
TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types
On March 4, 2024, JetBrains disclosed two critical vulnerabilities — CVE-2024-27198 and CVE-2024-27199 — within the TeamCity On-Premises platform that allow attackers to bypass authentication measures ...
- Trend Micro
Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk
Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897. ...
- cert.pl
Vulnerabilities in BMC Control-M software
CVE ID: CVE-2024-1604; Publication date: 18 March 2024; Vendor: BMC; Product: Control-M; Vulnerable versions: from 9.0.20 before 9.0.20.238, from 9.0.21 before 9.0.21.201; Vulnerability type (CWE): Incorrect Aut ...
- 0patch.com
Micropatches Released for Microsoft Outlook "MonikerLink" Remote Code Execution Vulnerability (CVE-2024-21413)
Update 7/31/2024: Additional exploitation variants for this vulnerability were subsequently discovered. Consequently, original micropatches were revoked and new micropatches issued to cover these new ...
- Zero Day Initiative
CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability