Red Hat Security Advisory 2024-4960-03 - Red Hat OpenShift Container Platform release 4.14.34 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include code execution, denial of service, and memory leak vulnerabilities.
b362cf11485cffa82d7d2f3ce92004e2a4ce5f175b3aad6bb9a58f0696252611
Red Hat Security Advisory 2024-5040-03 - An update for python-setuptools is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Issues addressed include a code execution vulnerability.
8bb6ec3a8888799f1a80510c67c4486b1198a440ca783508db4c4177f306f782
Gentoo Linux Security Advisory 202408-5 - Multiple vulnerabilities have been discovered in Redis, the worst of which may lead to a denial of service or possible remote code execution. Versions greater than or equal to 7.2.4 are affected.
44b89405ab5c4ee37e2bba62129744deb31752d4a37a6369ac2d9cd7a4c01629
Red Hat Security Advisory 2024-5002-03 - An update for python3.11-setuptools is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a code execution vulnerability.
b984bf52e93837ed2769f0cf61e74a52f1160d59751bf4c303cf3fdde5afb7b6
Gentoo Linux Security Advisory 202408-4 - A vulnerability has been discovered in Levenshtein, which could lead to a remote code execution. Versions greater than or equal to 0.12.1 are affected.
442755c33749731c5db789f275ded94dfc5e3d12df17c2b52383bb496aae4ccf
Red Hat Security Advisory 2024-5000-03 - An update for python-setuptools is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a code execution vulnerability.
666d8c5f8104214de7a39a12534b848114fcfa67d58e4f45fa937281d300726a
Red Hat Security Advisory 2024-4955-03 - Red Hat OpenShift Container Platform release 4.15.25 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a code execution vulnerability.
ba2dee49b08659fd496a23374577a03197b8fe23226b218bffb31d3fd01cbf89
Gentoo Linux Security Advisory 202408-2 - Multiple vulnerabilities have been discovered in Mozilla Firefox, the worst of which could lead to remote code execution. Versions greater than or equal to 115.12.0:esr are affected.
c0ea0cef917b7d06f9c6d76a49568799519094420765d985e0df1bfda38e9c79
This is the official vulnerability disclosure report for CVEs CVE-2024-38881 through CVE-2024-38891 by jTag Labs. This report details critical security vulnerabilities found within Caterease, a product of Horizon Business Services Inc. These vulnerabilities have significant implications for the confidentiality, integrity, and availability of the software and the sensitive data it handles. The issues include problems like remote SQL injection, command injection, authentication bypass, hard-coded credentials, and more.
922dd24931dfc780dbe72f5070222b4450361d9b42c8b9a975582549453b4573
Red Hat Security Advisory 2024-4910-03 - An update for openssh is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a code execution vulnerability.
31ad06530a3b9261b5c3761192cdc67521bcaba5e2b4d611b7924a232d06e95d
Apple Security Advisory 07-29-2024-6 - macOS Monterey 12.7.6 addresses bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities.
929caca30b5aa2cda92d44eb666bf01775f6d98165012b1c1517eef37b683896
Apple Security Advisory 07-29-2024-5 - macOS Ventura 13.6.8 addresses bypass, code execution, integer overflow, out of bounds read, out of bounds write, and spoofing vulnerabilities.
93e970c9d9534dec2ac727c8d034c1de7f39f9e4f3adde27b8a3d7b57cde5d6a
Apple Security Advisory 07-29-2024-4 - macOS Sonoma 14.6 addresses buffer overflow, bypass, code execution, information leakage, integer overflow, out of bounds access, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.
ae832f20b8a382b80cfa8c55837cfb4ccc59d3ee288b95b2aba5d16400cc0192
Red Hat Security Advisory 2024-4613-03 - Red Hat OpenShift Container Platform release 4.16.4 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a code execution vulnerability.
355ccc00bb55b345c4aeafbddbc3ad67407ae31976ea0ed5ff4d644b7d427ad2
Gentoo Linux Security Advisory 202407-27 - Multiple vulnerabilities have been discovered in ExifTool, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 12.42 are affected.
70b2c3a2a8c960c71bcd4a2608a6410fd215532ae908cfca040c366b7b0a7175
Red Hat Security Advisory 2024-4716-03 - An update for openssh is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a code execution vulnerability.
1ae4c0611972d7cbacf86e10dbee837eda7ff974919ea55126c29bd7332f6b4b
Red Hat Security Advisory 2024-4713-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution and use-after-free vulnerabilities.
3a72ee436dc05f0c47719e8dbc954c6eb8dec748f207f0ae84336bb6fd1420e9
This Metasploit module chains two vulnerabilities to achieve authenticated remote code execution against Softing Secure Integration Server version 1.22. In CVE-2022-1373, the restore configuration feature is vulnerable to a directory traversal vulnerability when processing zip files. When using the "restore configuration" feature to upload a zip file containing a path traversal file which is a dll called ..\..\..\..\..\..\..\..\..\..\..\Windows\System32\wbem\wbemcomn.dll. This causes the file C:\Windows\System32\wbem\wbemcomn.dll to be created and executed upon touching the disk. In CVE-2022-2334, the planted wbemcomn.dll is used in a DLL hijacking attack when Softing Secure Integration Server restarts upon restoring configuration, which allows us to execute arbitrary code on the target system. The chain demonstrated in Pwn2Own used a signature instead of a password. The signature was acquired by running an ARP spoofing attack against the local network where the Softing SIS server was located. A username is also required for signature authentication. A custom DLL can be provided to use in the exploit instead of using the default MSF-generated one.
138c45447c1d3fa090b4666327e202412f377f34d7873c3c578299783f2b2a43
Adobe Commerce and Magento Open Source are affected by an XML injection vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction. Versions Affected include Adobe Commerce and Magento Open Source 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8, and earlier. This exploit uses the arbitrary file reading aspect of the issue to impersonate a user.
6dc2631d3032a832f090c548531e8b8f77ef41c5778c811973c0342b99b373e0
Red Hat Security Advisory 2024-4474-03 - Red Hat OpenShift Container Platform release 4.15.22 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a code execution vulnerability.
8b05fbff3be87d05cc5cb35a50344b255b087e099c0d9b19c0b586d66498969c
XenForo versions 2.2.15 and below suffer from a remote code execution vulnerability in the Template system.
141922e324fd21737d323eaed2f53c7bc972900273dfc3e19ea72c0648544233
Red Hat Security Advisory 2024-4583-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include code execution and use-after-free vulnerabilities.
4ef86d7cb54e4f3530011c56c660939cad4f7c76d17bdcb218e74ff383401b36
Red Hat Security Advisory 2024-4484-03 - Red Hat OpenShift Container Platform release 4.13.45 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include bypass, code execution, and denial of service vulnerabilities.
5350d198aa06ae49596ba2ed5ff280329e49a58e6deeabdb3766b1be9d020afa
Red Hat Security Advisory 2024-4479-03 - Red Hat OpenShift Container Platform release 4.14.33 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a code execution vulnerability.
62f4d99406e511fbc34fa18100b010668e6d3a596fbe8e605716778f269e6b60
Red Hat Security Advisory 2024-4469-03 - Red Hat OpenShift Container Platform release 4.16.3 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a code execution vulnerability.
d50b062b23d678f0d2a88042e11ceb28c90818f048a7a16656344d716403c0b8