Category: Alert Feeds

APPLE-SA-12-11-2024-6 watchOS 11.2

Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-6 watchOS 11.2 watchOS 11.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121843. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: Apple Watch Series 6 and later Impact: A malicious app may...

APPLE-SA-12-11-2024-8 visionOS 2.2

Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-8 visionOS 2.2 visionOS 2.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121845. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Crash Reporter Available for: Apple Vision Pro Impact: An app may be able to...

APPLE-SA-12-11-2024-7 tvOS 18.2

Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-7 tvOS 18.2 tvOS 18.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121844. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: Apple TV HD and Apple TV 4K (all models) Impact: A...

APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2

Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2 macOS Sonoma 14.7.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121840. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Apple Software Restore Available for: macOS Sonoma Impact: An app may be...

APPLE-SA-12-11-2024-3 macOS Sequoia 15.2

Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-3 macOS Sequoia 15.2 macOS Sequoia 15.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121839. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Apple Software Restore Available for: macOS Sequoia Impact: An app may be...

APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2

Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2 macOS Ventura 13.7.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121842. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Apple Software Restore Available for: macOS Ventura Impact: An app may be...

APPLE-SA-12-11-2024-2 iPadOS 17.7.3

Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-2 iPadOS 17.7.3 iPadOS 17.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/121838. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th...

SEC Consult SA-20241211-0 :: Reflected Cross-Site Scripting in Numerix License Server Administration System Login

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Dec 12 SEC Consult Vulnerability Lab Security Advisory < 20241211-0 > title: Reflected Cross-Site Scripting product: Numerix License Server Administration System Login vulnerable version: 1.1_596 fixed version: – CVE number: CVE-2024-50585 impact: medium homepage: https://connect.numerix.com/nlslogin.jsp… – Full Disclosure

St. Poelten UAS | Multiple Vulnerabilities in ORing IAP

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 12 St. Pölten UAS 20241209-0 title| Multiple Vulnerabilities in ORing IAP product| ORing IAP-420 vulnerable version| 2.01e fixed version| – CVE number| CVE-2024-55544, CVE-2024-55545, CVE-2024-55546, CVE-2024-55547, CVE-2024-55548 impact| High homepage|… – Full Disclosure

APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2

Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2 iOS 18.2 and iPadOS 18.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121837. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: iPhone XS and later, iPad...

SEC Consult SA-20241204-0 :: Multiple Critical Vulnerabilities in Image Access Scan2Net (14 CVE)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Dec 04 SEC Consult Vulnerability Lab Security Advisory < 20241204-0 > title: Multiple Critical Vulnerabilities product: Image Access Scan2Net vulnerable version: Firmware <=7.40, <=7.42, <7.42B (depending on the vulnerability) fixed version: mostly fixed in v7.42B CVE number: CVE-2024-28138,… – Full Disclosure

Asterisk AMI Originate Authenticated Remote Code Execution

On Asterisk, prior to versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with write=originate may change all configuration files in the /etc/asterisk/ directory. A new extension can be created which performs a system command to achieve RCE as the asterisk service user (typically asterisk). Default parking lot in FreePBX is called “Default lot”...

Acronis Cyber Protect/Backup Remote Code Execution

The Acronis Cyber Protect appliance, in its default configuration, allows the anonymous registration of new protect/backup agents on new endpoints. This API endpoint also generates bearer tokens which the agent then uses to authenticate to the appliance. As the management web console is running on the same port as the API for the agents, this bearer token is also valid...

Fortinet FortiManager Unauthenticated Remote Code Execution

This Metasploit module exploits a missing authentication vulnerability affecting FortiManager and FortiManager Cloud devices to achieve unauthenticated RCE with root privileges. The vulnerable FortiManager versions are 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, and 6.2.0 through 6.2.12. The vulnerable FortiManager Cloud versions are 7.4.1 through 7.4.4, 7.2.1 through 7.2.7, 7.0.1 through 7.0.12, and 6.4...

Microsoft Warbird and PMP security research – technical doc

Posted by Security Explorations on Dec 03 Hello All, We have released a technical document pertaining to our Warbird / PMP security research. It is available for download from this location: https://security-explorations.com/materials/wbpmp_doc.md.txt The document provides a more in-depth technical explanation, illustration and verification of discovered attacks affecting PlayReady on Windows 10 / 11 x64 and pertaining to the following...

Access Control in Paxton Net2 software

Posted by Jeroen Hermans via Fulldisclosure on Dec 02 CloudAware Security Advisory [CVE pending]: Potential PII leak and incorrect access control in Paxton Net2 software. Summary: Insecure backend database in the Paxton Net2 software. Possible leaking of PII incorrect access control. No physical access to computer running Paxton Net2 is required… – Full Disclosure

Debian Security Advisory 5821-1

Debian Linux Security Advisory 5821-1 – Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. – Packet Storm

Debian Security Advisory 5822-1

Debian Linux Security Advisory 5822-1 – It was discovered that SimpleSAMLphp, an implementation of the SAML 2.0 protocol, is prone to an XXE vulnerability when loading an (untrusted) XML document. – Packet Storm

ABB Cylon Aspect 3.08.01 mstpstatus.php Information Disclosure

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated information disclosure vulnerability. An unauthorized attacker can reference the affected page and disclose various BACnet MS/TP statistics running on the device. – Packet Storm

Siemens Unlocked JTAG Interface / Buffer Overflow

Various Siemens products suffer from vulnerabilities. There is an unlocked JTAG Interface for Zynq-7000 on SM-2558 and a buffer overflow on the webserver of the SM-2558, CP-2016, and CP-2019 systems. – Packet Storm

ABB Cylon Aspect 3.08.00 fileSystemUpdate.php File Upload / Denial Of Service

ABB Cylon Aspect version 3.08.00 suffers from a vulnerability in the fileSystemUpdate.php endpoint of the ABB BEMS controller due to improper handling of uploaded files. The endpoint lacks restrictions on file size and type, allowing attackers to upload excessively large or malicious files. This flaw could be exploited to cause denial of service (DoS) attacks, memory leaks, or buffer overflows,...

Omada Identity Cross Site Scripting

Omada Identity versions prior to 15U1 and 14.14 hotfix #309 suffer from a persistent cross site scripting vulnerability. – Packet Storm

SEC Consult SA-20241125-0 :: Unlocked JTAG interface and buffer overflow in Siemens SM-2558 Protocol Element, Siemens CP-2016 & CP-2019

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Nov 27 SEC Consult Vulnerability Lab Security Advisory < 20241125-0 > title: Unlocked JTAG interface and buffer overflow product: Siemens SM-2558 Protocol Element (extension module for Siemens SICAM AK3/TM/BC), Siemens CP-2016 & CP-2019 vulnerable version: JTAG: Unknown HW revision, Zynq Firmware… – Full Disclosure

Re: Local Privilege Escalations in needrestart

Posted by Mark Esler on Nov 27 The security fix for CVE-2024-48991, 6ce6136 (“core: prevent race condition on /proc/$PID/exec evaluation”) [0], introduced a regression which was subsequently fixed in 42af5d3 (“core: fix regression of false positives for processes running in chroot or mountns (#317)”) [1]. Many thanks to Ivan Kurnosov and Salvatore Bonaccorso for their review. [0] https://github.com/liske/needrestart/commit/6ce6136cccc307c6b8a0f8cae12f9a22ac2aad59…

SEC Consult SA-20241127-0 :: Stored Cross-Site Scripting in Omada Identity (CVE-2024-52951)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Nov 27 SEC Consult Vulnerability Lab Security Advisory < 20241127-0 > title: Stored Cross-Site Scripting product: Omada Identity vulnerable version: <v15U1, <v14.14 hotfix #309 fixed version: v15U1, v14.14 hotfix #309 CVE number: CVE-2024-52951 impact: Medium homepage:… – Full Disclosure

ABB Cylon Aspect 3.08.01 vstatConfigurationDownload.php Configuration Download

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated configuration download vulnerability. This can be exploited to download the CSV DB that contains the configuration mappings information via the VMobileImportExportServlet by directly calling the vstatConfigurationDownload.php script. – Packet Storm