Microsoft Excel 信息泄露漏洞

Microsoft Excel is a spreadsheet processing software in the Office suite from Microsoft USA. An information leakage vulnerability exists in Microsoft Excel, which is caused due to improper authorization validation. An attacker could exploit the vulnerability to obtain sensitive information...

RHSA-2024:4371

creationtimestamp| type| source ---|---|--- 2025-01-13 09:11:16+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1356 2025-05-12 23:29:31+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16071...

SUSE CVE-2024-55949

MinIO is a high-performance, S3 compatible object store, open sourced under GNU AGPLv3 license. Minio is subject to a privilege escalation in IAM import API, all users are impacted since MinIO commit 580d9db85e04f1b63cc2909af50f0ed08afa965f. This issue has been addressed in commit...

CVE-2024-49401

Improper input validation in Settings Suggestions prior to SMR Nov-2024 Release 1 allows local attackers to launch privileged activities...

CVE-2024-34611

Improper access control in KnoxService prior to SMR Aug-2024 Release 1 allows local attackers to get sensitive information...

SAMSUNG Mobile devices security vulnerability

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices prior to SMR Jul-2024 Release 1, which stems from improper input validation of the parsing RTCP RR...

CVE-2024-1848 Multiple vulnerabilities exist in file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in the file reading procedure in SOLIDWORKS Desktop on Release SOLIDWORKS 2024. These vulnerabilities...

CVE-2024-0935

Insertion of Sensitive Information into Log File vulnerabilities are affecting DELMIA Apriso Release 2019 through Release 2024...

CVE-2024-24747

MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for s3: actions, but also admin: actions. Which means unless somewhere above in the access-key hierarchy, the admin rights are denied, access keys will be able t...

CVE-2024-24747 MinIO unsafe default: Access keys inherit `admin` of root user, allowing privilege escalation

MinIO is a High Performance Object Storage. When someone creates an access key, it inherits the permissions of the parent key. Not only for s3: actions, but also admin: actions. Which means unless somewhere above in the access-key hierarchy, the admin rights are denied, access keys will be able t...

PT-2024-1573 · Minio +2 · Minio +2

Name of the Vulnerable Software and Affected Versions: MinIO versions prior to RELEASE.2024-01-31T20-20-33Z Description: The issue is related to the inheritance of permissions by access keys in MinIO, a high-performance object storage system. When an access key is created, it inherits the...

AZL-33284 CVE-2024-21646 affecting package azure-iot-sdk-c for versions less than 2022.01.21-2

Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remo...