This weekly blog post is from via our unique intelligence collection pipelines. We are your eyes and ears online, including the Dark Web.
There are thousands of vulnerability discussions each week. SOS Intelligence gathers a list of the most discussed Common Vulnerabilities and Exposures (CVE) online for the previous week.
We make every effort to ensure the accuracy of the data presented. As this is an automated process some errors may creep in.
If you are feeling generous please do make us aware of anything you spot, feel free to follow us on Twitter @sosintel and DM us. Thank you!
1. CVE-2024-3400
A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.
https://nvd.nist.gov/vuln/detail/CVE-2024-3400
2. CVE-2024-29981
Microsoft Edge (Chromium-based) Spoofing Vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2024-29981
3. CVE-2024-29049
Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2024-29049
4. CVE-2024-29987
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2024-29987
5. CVE-2024-29986
Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2024-29986
6. CVE-2024-21338
Windows Kernel Elevation of Privilege Vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2024-21338
7. CVE-2024-3273
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.
https://nvd.nist.gov/vuln/detail/CVE-2024-3273
8. CVE-2020-16040
Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
https://nvd.nist.gov/vuln/detail/CVE-2020-16040
9. CVE-2022-47522
The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept (possibly cleartext) target-destined frames by spoofing a target’s MAC address, sending Power Save frames to the access point, and then sending other frames to the access point (such as authentication frames or re-association frames) to remove the target’s original security context. This behavior occurs because the specifications do not require an access point to purge its transmit queue before removing a client’s pairwise encryption key.
https://nvd.nist.gov/vuln/detail/CVE-2022-47522
10. CVE-2023-32054
Volume Shadow Copy Elevation of Privilege Vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2023-32054