NVD disclosure day

Published threat advisories for May 31, 2024

CVE advisoryKnown Exploit

CVE-2024-29824

Ivanti Endpoint Manager SQL Injection Vulnerability.

Halo Surface Signal: 2 out of 5 — less likely to be public-facing.

A SQL injection vulnerability in Ivanti Endpoint Manager Core server can allow an attacker on the same network to execute arbitrary code. This affects organizations using Ivanti EPM versions up to 2022 SU5 and presents a risk of unauthorized code execution and potential data compromise.

NVD published: • CISA KEV
CVE advisoryKnown Exploit

CVE-2024-23692

Rejetto HTTP File Server Command Execution Vulnerability

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

Rejetto HTTP File Server contains a template injection vulnerability. An unauthenticated attacker can exploit this to execute arbitrary commands on affected systems, posing a risk of unauthorized system access and control. The affected version is no longer supported, increasing business risk for organizations continuin

NVD published: • CISA KEV