Vulnerability - c9Journal

Vulnerability
October 28, 2024

Microsoft SharePoint Deserialization Vulnerability (CVE-2024-38094): Overview and Mitigation

Microsoft SharePoint has been targeted by attackers exploiting CVE-2024-38094, a deserialization vulnerability. This flaw allows attackers to inject malicious code by tricking the system into deserializing untrusted data.

Zero-Day Exploits , Cyber Security News , Vulnerability
October 28, 2024

Critical Vulnerability in Wi-Fi Test Suite Enables Root Access on Arcadyan Routers

A newly disclosed security flaw in the Wi-Fi Test Suite platform could allow unauthenticated local attackers to execute arbitrary code with root-level privileges. The vulnerability, tracked as CVE-2024-41992,

Vulnerability
October 28, 2024

Critical DSE Bypass Uncovered: New Downgrade Attack Enables Kernel Exploits on Patched Windows Systems

A newly discovered attack technique allows hackers to bypass Microsoft’s Driver Signature Enforcement (DSE), potentially exposing fully updated Windows systems to serious threats. The method leverages OS downgrade

Vulnerability
October 27, 2024

CVE-2013-3900 (MS13-098) Vulnerability and Its Mitigation

CVE-2013-3900 is a critical vulnerability affecting Microsoft Windows systems. This flaw resides in how the WinVerifyTrust function validates Authenticode digital signatures on executable files. Authenticode is Microsoft’s code-signing