CVE-2024-12168 – Yandex Telemost DLL Hijacking Vulnerability

June 2, 2025

CVE ID : CVE-2024-12168

Published : June 2, 2025, 1:15 p.m. | 1 hour, 56 minutes ago

Description : Yandex Telemost for Desktop before 2.7.0 has a DLL Hijacking Vulnerability because an untrusted search path is used.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-26396 – SolarWinds Dameware Mini Remote Control Local Privilege Escalation Vulnerability

Next Article CVE-2025-5444 – “Linksys Wireless Router RP_UpgradeFWByBBS OS Command Injection Vulnerability”

Highlights

CVE-2025-7628 – YiJiuSmile kkFileViewOfficeEdit Path Traversal Vulnerability

July 14, 2025

CVE ID : CVE-2025-7628

Published : July 14, 2025, 6:15 p.m. | 34 minutes ago

Description : A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd. It has been classified as critical. This affects the function deleteFile of the file /deleteFile. The manipulation of the argument fileName leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Hitachi Energy Pledges $1B to Strengthen US Grid, Build Largest Transformer Plant in Virginia

How to debug a web app with Playwright MCP and GitHub Copilot

Between Strategy and Story: Thierry Chopain’s Creative Path

What You Need to Know About CSS Color Interpolation

Why browsers throttle JavaScript timers (and what to do about it)

Why browsers throttle JavaScript timers (and what to do about it)

How to create Google Gemini AI component in Total.js Flow

Drupal 11’s AI Features: What They Actually Mean for Your Team

Harnessing GitOps on Linux for Seamless, Git-First Infrastructure Management

Harnessing GitOps on Linux for Seamless, Git-First Infrastructure Management

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

CVE-2024-12168 – Yandex Telemost DLL Hijacking Vulnerability

GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes

VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages

CVE-2025-54445 – Samsung MagicINFO 9 Server XML External Entity Reference SSRF

CVE-2025-23180 – Apache HTTP Server Unprivileged Process Execution

CVE-2025-44531 – Realtek RTL8762EKF-EVB Bluetooth Denial of Service

6 registry tweaks every tech-savvy user must apply on Windows 11

CVE-2025-7628 – YiJiuSmile kkFileViewOfficeEdit Path Traversal Vulnerability

CVE-2025-47947 – ModSecurity Denial of Service Vulnerability

Aiffro K100 All-SSD NAS running Linux: Introduction to the Series

CVE-2025-30170 – ASPECT File Path Disclosure Vulnerability

CVE-2024-12168 – Yandex Telemost DLL Hijacking Vulnerability

Related Posts