Category: Alert Feeds

– [[{“value”:” Posted by hyp3rlinx on Dec 30 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/IBMi_Navigator_HTTP_Security_Token_Bypass-CVE-2024-51464.txt [+] x.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor]www.ibm.com [Product] Navigator for i is a Web console interface where you can perform the key tasks to administer your IBM i. IBM Navigator for i supports the vast majority of tasks that were…“}]] – Read More ...

– [[{“value”:” Posted by hyp3rlinx on Dec 30 [+] Credits: John Page (aka hyp3rlinx) [+] Website: hyp3rlinx.altervista.org [+] Source: https://hyp3rlinx.altervista.org/advisories/IBMi_Navigator_Server_Side_Request_Forgery_CVE-2024-51463.txt [+] x.com/hyp3rlinx [+] ISR: ApparitionSec [Vendor]www.ibm.com [Product] Navigator for i is a Web console interface where you can perform the key tasks to administer your IBM i. IBM Navigator for i supports the vast majority of tasks that…“}]] – Read More  –...

– [[{“value”:” Posted by Blazej Adamczyk on Dec 30 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Multiple vulnerabilities in CTFd versions <= 3.7.4 ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1 General information ═════════════════════…“}]] – Read More  – Full Disclosure 

– [[{“value”:” Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 21 CyberDanube Security Research 20241219-0 ——————————————————————————- title| Authenticated Remote Code Execution product| Ewon Flexy 205 vulnerable version| <= v14.8s0 (#2633) fixed version| – CVE number| CVE-2024-9154 impact| High homepage| https://www.hms-networks.com/ found| 2024-09-03…“}]] – Read More  – Full Disclosure 

– [[{“value”:” Posted by Andrey Stoykov on Dec 18 # Exploit Title: Stored XSS with Filter Bypass – blogenginev3.3.8 # Date: 12/2024 # Exploit Author: Andrey Stoykov # Version: 3.3.8 # Tested on: Ubuntu 22.04 # Blog: https://msecureltd.blogspot.com/2024/12/friday-fun-pentest-series-16-stored-xss.html Stored XSS Filter Bypass #1: Steps to Reproduce: 1. Login as admin and go to “Content” > “Posts” 2. On the right side...

– [[{“value”:” Posted by Matthias Deeg via Fulldisclosure on Dec 18 Advisory ID: SYSS-2024-085 Product: CA Client Automation (CA DSM) Manufacturer: Broadcom Affected Version(s): 14.5.0.15 Tested Version(s): 14.5.0.15 Vulnerability Type: Improper Privilege Management (CWE-269) Risk Level: High Solution Status: Fixed Manufacturer Notification: 2024-10-18 Solution Date: 2024-12-17 Public Disclosure:…“}]] – Read More  – Full Disclosure 

– [[{“value”:” Posted by malvuln on Dec 16 This next generation version dumps process memory of the targeted Malware prior to termination The process memory dump file MalDump.dmp varies in size and can be 50 MB plus RansomLord now intercepts and terminates ransomware from 54 different threat groups Adding GPCode, DarkRace, Snocry, Hydra and Sage to the ever growing victim list....

– [[{“value”:” Posted by Egidio Romano on Dec 16 ————————————————————————— GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities ————————————————————————— [-] Software Links: https://gfi.ai/products-and-solutions/network-security-solutions/keriocontrol http://download.kerio.com [-] Affected Versions: All versions from 9.2.5 to 9.4.5. [-] Vulnerabilities Description:…“}]] – Read More  – Full Disclosure 

– [[{“value”:” Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-9 Safari 18.2 Safari 18.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121846. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Safari Available for: macOS Ventura and macOS Sonoma Impact: On a device with Private...

– [[{“value”:” Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-6 watchOS 11.2 watchOS 11.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121843. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: Apple Watch Series 6 and later Impact: A malicious app may...

– [[{“value”:” Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-8 visionOS 2.2 visionOS 2.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121845. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Crash Reporter Available for: Apple Vision Pro Impact: An app may be able to...

– [[{“value”:” Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-7 tvOS 18.2 tvOS 18.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121844. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: Apple TV HD and Apple TV 4K (all models) Impact: A...

– [[{“value”:” Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2 macOS Sonoma 14.7.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121840. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Apple Software Restore Available for: macOS Sonoma Impact: An app may be...

– [[{“value”:” Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-3 macOS Sequoia 15.2 macOS Sequoia 15.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121839. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Apple Software Restore Available for: macOS Sequoia Impact: An app may be...

– [[{“value”:” Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2 macOS Ventura 13.7.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121842. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Apple Software Restore Available for: macOS Ventura Impact: An app may be...

– [[{“value”:” Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-2 iPadOS 17.7.3 iPadOS 17.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/121838. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. FontParser Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th...

– [[{“value”:” Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Dec 12 SEC Consult Vulnerability Lab Security Advisory < 20241211-0 > ======================================================================= title: Reflected Cross-Site Scripting product: Numerix License Server Administration System Login vulnerable version: 1.1_596 fixed version: – CVE number: CVE-2024-50585 impact: medium homepage: https://connect.numerix.com/nlslogin.jsp…“}]] – Read More  – Full Disclosure 

– [[{“value”:” Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 12 St. Pölten UAS 20241209-0 ——————————————————————————- title| Multiple Vulnerabilities in ORing IAP product| ORing IAP-420 vulnerable version| 2.01e fixed version| – CVE number| CVE-2024-55544, CVE-2024-55545, CVE-2024-55546, | CVE-2024-55547, CVE-2024-55548 impact| High homepage|…“}]] – Read More  – Full Disclosure 

– [[{“value”:” Posted by Apple Product Security via Fulldisclosure on Dec 12 APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2 iOS 18.2 and iPadOS 18.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/121837. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleMobileFileIntegrity Available for: iPhone XS and later, iPad...

– [[{“value”:” Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Dec 04 SEC Consult Vulnerability Lab Security Advisory < 20241204-0 > ======================================================================= title: Multiple Critical Vulnerabilities product: Image Access Scan2Net vulnerable version: Firmware <=7.40, <=7.42, <7.42B (depending on the vulnerability) fixed version: mostly fixed in v7.42B CVE number: CVE-2024-28138,…“}]] – Read More  – Full Disclosure 

– On Asterisk, prior to versions 18.24.2, 20.9.2, and 21.4.2 and certified-asterisk versions 18.9-cert11 and 20.7-cert2, an AMI user with write=originate may change all configuration files in the /etc/asterisk/ directory. Writing a new extension can be created which performs a system command to achieve RCE as the asterisk service user (typically asterisk). Default parking lot in FreePBX is called “Default lot”...

– Post Content – Read More  – Packet Storm 

– The Acronis Cyber Protect appliance, in its default configuration, allows the anonymous registration of new protect/backup agents on new endpoints. This API endpoint also generates bearer tokens which the agent then uses to authenticate to the appliance. As the management web console is running on the same port as the API for the agents, this bearer token is also valid...

– This Metasploit module exploits a missing authentication vulnerability affecting FortiManager and FortiManager Cloud devices to achieve unauthenticated RCE with root privileges. The vulnerable FortiManager versions are 7.6.0, 7.4.0 through 7.4.4, 7.2.0 through 7.2.7, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, and 6.2.0 through 6.2.12. The vulnerable FortiManager Cloud versions are 7.4.1 through 7.4.4, 7.2.1 through 7.2.7, 7.0.1 through 7.0.12, and 6.4...

– Post Content – Read More  – Packet Storm 

– Post Content – Read More  – Packet Storm 

– Post Content – Read More  – Packet Storm 

– Post Content – Read More  – Packet Storm 

– Post Content – Read More  – Packet Storm 

– Post Content – Read More  – Packet Storm 

– [[{“value”:” Posted by Security Explorations on Dec 03 Hello All, We have released a technical document pertaining to our Warbird / PMP security research. It is available for download from this location: https://security-explorations.com/materials/wbpmp_doc.md.txt The document provides a more in-depth technical explanation, illustration and verification of discovered attacks affecting PlayReady on Windows 10 / 11 x64 and pertaining to the following...

– [[{“value”:” Posted by Jeroen Hermans via Fulldisclosure on Dec 02 CloudAware Security Advisory [CVE pending]: Potential PII leak and incorrect access control in Paxton Net2 software ======================================================================== Summary ======================================================================== Insecure backend database in the Paxton Net2 software. Possible leaking of PII incorrect access control. No physical access to computer running Paxton Net2 is required….“}]] – Read More  – Full Disclosure 

– Debian Linux Security Advisory 5821-1 – Multiple security issues were discovered in Thunderbird, which could result in denial of service or the execution of arbitrary code. – Read More  – Packet Storm 

– Debian Linux Security Advisory 5822-1 – It was discovered that in SimpleSAMLphp, an implementation of the SAML 2.0 protocol, is prone to a XXE vulnerability when loading an (untrusted) XML document. – Read More  – Packet Storm 

– AppleAVD has an integer underflow in AV1_Syntax::Parse_Header that can lead to out-of-bounds reads. – Read More  – Packet Storm 

– AppleAVD has an issue where a large OBU size in AV1_Syntax::Parse_Header reading can lead to out-of-bounds reads. – Read More  – Packet Storm 

– AppleAVD has an issue in AV1_Syntax::f leading to out-of-bounds reads. – Read More  – Packet Storm 

– ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated information disclosure vulnerability. An unauthorized attacker can reference the affected page and disclose various BACnet MS/TP statistics running on the device. – Read More  – Packet Storm 

– ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated information disclosure vulnerability. An unauthorized attacker can reference the affected page and disclose various protocol thread information running on the device. – Read More  – Packet Storm 

– Various Siemens products suffer from vulnerabilities. There is an unlocked JTAG Interface for Zynq-7000 on SM-2558 and a buffer overflow on the webserver of the SM-2558, CP-2016, and CP-2019 systems. – Read More  – Packet Storm 

– ABB Cylon Aspect version 3.08.00 suffers from a vulnerability in the fileSystemUpdate.php endpoint of the ABB BEMS controller due to improper handling of uploaded files. The endpoint lacks restrictions on file size and type, allowing attackers to upload excessively large or malicious files. This flaw could be exploited to cause denial of service (DoS) attacks, memory leaks, or buffer overflows,...

– Omada Identity versions prior to 15U1 and 14.14 hotfix #309 suffer from a persistent cross site scripting vulnerability. – Read More  – Packet Storm 

– Post Content – Read More  – Packet Storm 

– Post Content – Read More  – Packet Storm 

– Post Content – Read More  – Packet Storm 

– Post Content – Read More  – Packet Storm 

– Post Content – Read More  – Packet Storm 

– Post Content – Read More  – Packet Storm