Sep 13, 2024 – Vulnerability Alerts!

Today’s Cyber Vulnerability Round-Up: A Bit of a Pickle!

Welcome to another day of staring down the barrel of cyber threats! Yes, folks, it’s November 13th and our favourite pastime of worrying over vulnerabilities continues! Here’s a rather juicy selection of what’s been reported today. Just a quick note, this isn’t all of today’s alerts—if you’re keen for all the juicy gossip, feel free to get in touch!

The Adobe Photoshop Saga

Hold onto your keyboards, because Photoshop is in a bit of a pickle with a series of out-of-bounds write vulnerabilities! CVE-2024-45109, CVE-2024-45108, and CVE-2024-43760 all alert us to versions 24.7.4, 25.11 and earlier being stricken by the same dastardly issue that could lead to arbitrary code execution, provided that the victim opens a malicious file. Talk about giving someone the keys to your digital castle!

Furthermore, while we’re reeling from that, we’ve also got a heap-based buffer overflow causing havoc in the same Photoshop versions. Check out CVE-2024-43756 if you’re keen for the details. Why not throw in a CVE-2024-45111 for Illustrator, which is also hurt by an out-of-bounds read vulnerability? It seems Adobe’s creative suite is having a particularly moody day!

ColdFusion’s Unfortunate Day

And let’s not forget ColdFusion! Both CVE-2024-45113 (privilege escalation) and the critical CVE-2024-41874 (arbitrary code execution from deserialization) are making headlines today. If you’re using ColdFusion versions 2023.6 or earlier, you might want to either beef up your security measures or risk becoming a hacker’s best friend!

WordPress Vulnerabilities Galore

Not to be outdone, WordPress is also facing vulnerabilities. From stored cross-site scripting in the Essential Addons for Elementor to reflected XSS in the WP Simple Booking Calendar, danger lurks around every corner! If you’re running these plugins, now might be a good time to clean house before getting too comfortable.

Linux Kernel Knocks

With all the excitement in other software, let’s not overlook the Linux kernel. Multiple medium severity vulnerabilities have been patched, including CVE-2024-46710, which resolves unmapping active read buffers, and more. It’s like a high-stakes game of whack-a-mole in the world of coding!

Well, there you have it—the notable cyber vulnerabilities that ruffled feathers today! Keep your systems updated, avoid clicking on sketchy links, and for heaven’s sake, don’t open files that look like they’ve had a few too many pixels. Until next time, stay secure and keep laughing in the face of threat actors!

Share This Post:

Facebook
Twitter
LinkedIn
Pinterest
Email
WhatsApp
Picture of Adam Cooke
Adam Cooke
As the Operations and Compliance Manager, Adam oversees all aspects of the business, ensuring operational efficiency and regulatory compliance. Committed to high standards, he ensures everyone is heard and supported. With a strong background in the railway industry, Adam values rigorous standards and safety. Outside of work, he enjoys dog walking, gardening, and exploring new places and cuisines.
What our clients say:
Subscribe to our newsletter

Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.

Promotion nulla vitae elit libero a pharetra augue
Subscribe to our newsletter

Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.

Promotion nulla vitae elit libero a pharetra augue
Subscribe to our newsletter

Sign up to receive updates, promotions, and sneak peaks of upcoming products. Plus 20% off your next order.

Promotion nulla vitae elit libero a pharetra augue