Debian Linux Security Advisory 5632-1 - It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or malicious code execution. Due to a technical issue this email was not sent on 2024-02-26 like it should have.
41b32f3945ea62d6717b9bcf3c2f3261d62077b5c247d91363fa5b2bd9022945
This post details the story and technical details of the non-secure Hypervisor-Protected Code Integrity (HVCI) configuration vulnerability disclosed and fixed with the January 9th update on Windows. This vulnerability, CVE-2024-21305, allowed arbitrary kernel-mode code execution, effectively bypassing HVCI within the root partition.
9d64188a47060dad96a12b2b5fc06e5f3f52c1141722943d26696fa195cc355b
This Metasploit module exploits an authentication bypass vulnerability in JetBrains TeamCity. An unauthenticated attacker can leverage this to access the REST API and create a new administrator access token. This token can be used to upload a plugin which contains a Metasploit payload, allowing the attacker to achieve unauthenticated remote code execution on the target TeamCity server. On older versions of TeamCity, access tokens do not exist so the exploit will instead create a new administrator account before uploading a plugin. Older versions of TeamCity have a debug endpoint (/app/rest/debug/process) that allows for arbitrary commands to be executed, however recent version of TeamCity no longer ship this endpoint, hence why a plugin is leveraged for code execution instead, as this is supported on all versions tested.
68370990799fd1605fae05ac9ac3f36fd6659508fbfeef67d22e3cf720e8fa87
Apple Security Advisory 03-12-2024-1 - GarageBand 10.4.11 addresses code execution and use-after-free vulnerabilities.
cf1feda0632734f3eac97a03cb231aca57c5c2445e35cdacbbac27e26d43b080
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
bb37d3d885c05665df5e0348f90e65516bd9024d109db00efe75183960a1ab40
StimulusReflex versions 3.5.0 up to and including 3.5.0.rc2 and 3.5.0.pre10 suffer from an arbitrary code execution vulnerability.
9e5263d5183618a2c41a25b126b245bfa777329a2f535120971b95cdc71f0486
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
75dbd070cadb95c190fb2c3e720880078476efddd8b02e812bc1c594dfa6e86f
Apple Security Advisory 03-07-2024-5 - watchOS 10.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
6df43170bd5fc352fd321acd5fe231d753158fd667fcbe6941a1ccefd16eb11a
Apple Security Advisory 03-07-2024-4 - macOS Monterey 12.7.4 addresses buffer overflow, bypass, code execution, and out of bounds write vulnerabilities.
6d34d98987ed9e7f5bc383bd22eb781faef984e2518dc2398e1701abcb1cdd3b
Apple Security Advisory 03-07-2024-3 - macOS Ventura 13.6.5 addresses buffer overflow, bypass, code execution, and out of bounds write vulnerabilities.
a73a9b93cfdd3db0327dd1d8307d169f4dba16169f4b090abd5020a3d9a70efe
Apple Security Advisory 03-07-2024-2 - macOS Sonoma 14.4 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities.
29c509ba93a9dc40af758aca80410a21c8239c2a3c115bac3d2acd0e1e6deea5
JetBrains TeamCity version 2023.05.3 suffers from a remote code execution vulnerability.
e1c264f19102d105794de4c6c20eaafe22944b48d40bf81b679d6529f26dcffb
Honeywell PM43 versions prior to P10.19.050004 suffer from a remote code execution vulnerability.
af3705248c7122eb4d11be4c13209b3526cbee77ed228747c3f55800ef9fb1ef
Viessmann Vitogate 300 versions 2.1.3.0 and below suffers from a remote code execution vulnerability.
86410aca0ad3a7245b8cb07735d4ec21669679039be68751fc1b43a423e0766a
Ruijie Switch version PSG-5124 with software build 26293 suffers from a remote code execution vulnerability.
31f3b0a900318bec9de9a1e9f67d893c6b3f4c63a3437484a3559c375ebb2fa0
Karaf version 4.4.3 suffers from a remote code execution vulnerability.
2f400975f659ce2b1411ab5f0648a7b24fbc5ff13c60a27cd18e2461d40bfd86
OSGi versions 3.7.2 and below suffer from a remote code execution vulnerability.
b58312b3c9ef3414d27ca17e2db9d015ffcd0263ed95cd4c31a69f65fd99f59d
OSGi versions 3.8 through 3.18 suffer from a remote code execution vulnerability.
f497ebf8b35afe62aa891bf6ce65680f2ac452e845456b06776d98729a31b50d
Numbas versions prior to 7.3 suffer from a remote code execution vulnerability.
e0195e7e21a5182d8c8267f498108059037a2956810cf1cbc5880c33a370d809
Sitecore version 8.2 suffers from a remote code execution vulnerability.
bb3d70849315ed8ba0c15b23acace7c5306c6747aad0652046ed829b77617644
The Artica Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the www-data user. Version 4.50 is affected.
8e2ee354af5fde39323dcb9b78bd8d0b892172400746b1b66015b3a87cbd8630
Red Hat Security Advisory 2024-1188-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include code execution, denial of service, memory leak, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
f149b4e2e5b84c510b0c155de2d3290d8c9826d0679ef81dccc32677afb3f3aa
Red Hat Security Advisory 2024-1130-03 - An update for openssh is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
81ece00c1a0fa3af166446b3fac05f48fad824008e773bbee6b4296a6a0afd61
Red Hat Security Advisory 2024-1103-03 - An update for emacs is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a code execution vulnerability.
3261eb05c7b7aa00971bf8a50a1010b99c673a07b06af3d70c4e64d01fd527d5
JetBrains TeamCity versions prior to 2023.11.4 remote authentication bypass exploit that can be leveraged for user addition and remote code execution.
1eb2994a182c4436527b7e141ca0fa83da6821b9a33465277fc30e0e77a404f3