CVE – Page 2 – Stuxlab

CVE-2024-3400 PAN-OS: Command Injection Vulnerability in GlobalProtect

Aug 28, 2024

—

by

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by…

CVE-2024-38063 : Windows TCP/IP Remote Code Execution Vulnerability

Aug 22, 2024

—

by

Vishvendra

in Microsoft, Operating System

Severity Rating: CRITICAL Software Affected: All Windows systems which are using IPv6 Overview: A vulnerability has been reported in Microsoft windows which could allow an unauthenticated remote attacker to execute arbitrary code on the targeted system. Description: This vulnerability exists due to an Integer Underflow weakness that attackers can exploit to initiate buffer overflow. An…

CVE-2024-38178: Memory Corruption Vulnerability in Microsoft Windows Scripting Engine

Aug 19, 2024

—

by

Vishvendra

in CVE, Microsoft, Operating System

CVE 2024-38178 Severity High Software Affected Win 11 – 24H2, 21H2, 22H2, 22H3, 23H2Win 10 – 1809, 21H2, 22H2, 1507,1607Win 2019, 2022, 2016, 2012 R2Win 2019 (Server Core)Win 2022 23H2 EditionWin 2016 (Server Core)Win 2012 R2 (Server Core) Overview A memory corruption vulnerability has been reported in Microsoft Windows Scripting Engine which could be exploited…

CVE-2024-7550: Type Confusion in V8 in Google Chrome prior to 127.0.6533.99

Aug 14, 2024

—

by

Vishvendra

in Browser, CVE, Google Chrome

Type Confusion in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Reference: https://issues.chromium.org/issues/355256380 https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html

Tag: CVE

CVE-2024-3400 PAN-OS: Command Injection Vulnerability in GlobalProtect

CVE-2024-38063 : Windows TCP/IP Remote Code Execution Vulnerability

CVE-2024-38178: Memory Corruption Vulnerability in Microsoft Windows Scripting Engine

CVE-2024-7550: Type Confusion in V8 in Google Chrome prior to 127.0.6533.99