CVE-2024-37391

ProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"' + ExpandConstant'autopf\Proton\Drive' + '"' in Setup/setup.iss...

PT-2024-27517 · Proton · Protonvpn

Name of the Vulnerable Software and Affected Versions: ProtonVPN versions prior to 3.2.10 Description: The issue is related to the mishandling of the drive installer path in the Setup/setup.iss file. Specifically, it should use the path constructed by ' + ExpandConstant'autopfProtonDrive' + ' to...

CVE-2024-37391

ProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"' + ExpandConstant'autopf\Proton\Drive' + '"' in Setup/setup.iss...

CVE-2024-37391

ProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"' + ExpandConstant'autopf\Proton\Drive' + '"' in Setup/setup.iss...

CVE-2024-37391

CVE-2024-37391 concerns ProtonVPN on Windows prior to version 3.2.10. The vulnerability stems from mishandling the drive installer path in Setup/setup.iss; the path should be created as the quoted ExpandConstant('{autopf}\Proton\Drive') to correctly locate the drive component. Affected software: ...

CVE-2024-40644

gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gix-path can be tricked into running another git.exe placed in an untrusted location by a limited user account on Windows systems. Windows permits limited user accounts without administrative privileges to create new...

Netscaler SDX RAID

Introduction This article provides the instructions on how to replace the faulty physical drive on SDX box Overview of the Issue RAID replacement on SDX and steps to replace it. Note:The SDX appliance in its default configuration is shipped with four disk slots populated with solid-state drives...

Failure to Store Cache on Local Hard Drive

Even after selecting “cache is on device hard drive”, cache is getting stored on the Provisioning Service PVS server. The following screen shot shows the virtual disk status:...

How to Disable Specific Client Drive Mappings

This article provides instructions on how to disable specific Client Drive Mappings from enumerating within an ICA session...

Drive Letters Change on the Target Devices when the Virtual Disk Changes between Private and Standard Mode

The local drive letter on the target devices change when a virtual disk changes its mode between Private and Standard. In Private mode the extra disk for write cache is E: and the CD/DVD is D:. When the customer changes the virtual disk to Standard mode, the extra disk for write cache changes to ...

How to Export a Virtual Machine to an External USB Drive

This article describes how to export a XenServer Virtual Machine VM to a USB storage device...

New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign

Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan RAT called Poco RAT since at least February 2024. The attacks primarily single out mining, manufacturing, hospitality, and utilities sectors, according to cybersecurity company Cofense...

CVE-2024-37934

Improper Control of Generation of Code 'Code Injection' vulnerability in Saturday Drive Ninja Forms allows Code Injection.This issue affects Ninja Forms: from n/a through 3.8.4...

FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks

The loader-as-a-service LaaS known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by download technique this year, findings from Sekoia reveal. "FakeBat primarily aims to download and execute the next-stage payload, such as IcedID, Lumma,...

CVE-2023-38393

Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25...

CVE-2023-38393

Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25...

UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying

The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed...

CVE-2023-38386

Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25...

CVE-2023-38386

Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25...

CVE-2023-38386 WordPress Ninja Forms plugin <= 3.6.25 - Contributor+ Broken Access Control vulnerability

Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25...