Apple Security Advisory 03-25-2024-1 - Safari 17.4.1 addresses code execution and out of bounds write vulnerabilities.
f471ba7362f0f2b90319b73a7dc453ffcc58fe3527cb6cd08febf40e4748b5be
Red Hat Security Advisory 2024-1557-03 - An update is now available for Red Hat OpenShift Builds 1.0. Issues addressed include denial of service and traversal vulnerabilities.
d29131168c6739c5f0e4cc9ca1fc6e36a8598723c0d447439443d07a778f5f03
Apple Security Advisory 03-25-2024-2 - macOS Sonoma 14.4.1 addresses code execution and out of bounds write vulnerabilities.
aa1fea3125ddd9a33b68d4eb2f5f45f2cb316680beb32f3c34b1ae1698937f06
Asterisk AMI version 18.20.0 suffers from authenticated partial file content and path disclosure vulnerabilities.
616b45986a6e97b2ba327758ffa9a1c224a4e92e3b4968de364f6df455139bbc
Apple Security Advisory 03-25-2024-3 - macOS Ventura 13.6.6 addresses code execution and out of bounds write vulnerabilities.
ced72f1a9374599bb4ba896407973597325dc34e5418151e9fa366065fa1f9d8
Red Hat Security Advisory 2024-1536-03 - An update is now available for Red Hat Satellite 6.14 for RHEL 8. Issues addressed include HTTP request smuggling and traversal vulnerabilities.
eb930194ee9cf88e226f35b810197dba620e4cc5d5aeb5b34c0d4e54a42ca89d
Apple Security Advisory 03-25-2024-4 - iOS 17.4.1 and iPadOS 17.4.1 address code execution and out of bounds write vulnerabilities.
ceab5dd799ddb939189e79021c2f1d622c446cfe144dea7adf0dbd70424e40fa
Apple Security Advisory 03-25-2024-5 - iOS 16.7.7 and iPadOS 16.7.7 address code execution and out of bounds write vulnerabilities.
5bc9f5a465daf6c01eafe47f409754a8dc438cf7a836b5c8c0b26ebed5c0c02d
Apple Security Advisory 03-25-2024-6 - visionOS 1.1.1 addresses code execution and out of bounds write vulnerabilities.
8c123b617f14c41dd8dc96e429bbcda84aa23f8f85b36dacd50674f85407e7b5
This Metasploit module exploits two vulnerabilities in SharePoint 2019: an authentication bypass, CVE-2023-29357, which was patched in June of 2023, and CVE-2023-24955, a remote command execution vulnerability patched in May of 2023. The authentication bypass allows attackers to impersonate the SharePoint Admin user. This vulnerability stems from the signature validation check used to verify JSON Web Tokens (JWTs) used for OAuth authentication. If the signing algorithm of the user-provided JWT is set to none, SharePoint skips the signature validation step due to a logic flaw in the ReadTokenCore() method. After impersonating the administrator user, the attacker has access to the SharePoint API and is able to exploit CVE-2023-24955. This authenticated remote command execution vulnerability leverages the impersonated privileged account to replace the /BusinessDataMetadataCatalog/BDCMetadata.bdcm file in the webroot directory with a payload. The payload is then compiled and executed by SharePoint, allowing attackers to remotely execute commands via the API.
3b1724367c87a328eb0a2106c305037f2a413ec6310fe39613f91e443e4e1a9c
Red Hat Security Advisory 2024-1510-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and privilege escalation vulnerabilities.
c4e6147191f85484eee5ae21e78a7706257747db690704310b707b291d30af6c
Insurance Management System PHP and MySQL version 1.0 suffers from multiple persistent cross-site scripting vulnerabilities.
57a616cd0cf4b87402d807007a9cc4baf3849c77c283470d324acd935adbc001
Red Hat Security Advisory 2024-1500-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
c05f8f74cc8a662e477728100ce6bcdd582daa8a8b25edec9d157bea7fcf1396
Red Hat Security Advisory 2024-1499-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
4c35312ed656f58e5e77883ac99c6d4277c212a2120cbc8392c9387665c90811
Red Hat Security Advisory 2024-1497-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
694916cc7f93ef561a4faa6e4737263c6cb158372d7f2f807cc33d8f3ad9986b
Red Hat Security Advisory 2024-1496-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
7f4ff279933caca7c3743c461957b45d21d77941725aa2ac85b04d5e1ce0acb3
Red Hat Security Advisory 2024-1491-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
945623663f2172096c6b71e3b08fdabe05c8a47439dd5ff05a8e7b4e291dc27a
Red Hat Security Advisory 2024-1490-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
ff89bb1e11cbe0562a24cf57e66f3825dcb41bc7cd1d8ebc94e15ab4bbdd16e0
Red Hat Security Advisory 2024-1489-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
86bc89a9b35a07fa4157edb431950ea320dbafa5691bafdddeddeb1a3c184da5
Red Hat Security Advisory 2024-1488-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
6bf37a4b678fce20bf909634fe2de254458bf2ea9e41119e298ea3af53f80f9c
Red Hat Security Advisory 2024-1487-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
7c27cfc7e2501f297c9a798bd9de71a80591b82191a8429e1542992a7cd7ad91
Red Hat Security Advisory 2024-1486-03 - An update for firefox is now available for Red Hat Enterprise Linux 7. Issues addressed include integer overflow, out of bounds write, and use-after-free vulnerabilities.
dade356857652e398da063a21b88de38dbffc67ef3cf5758ae9330710bfae8c5
Debian Linux Security Advisory 5647-1 - Several vulnerabilities have been discovered in Samba, an SMB/CIFS file, print, and login server for Unix, which might result in denial of service or information disclosure.
1bf3eff1b405cc8734e78a924bf59118ea64667832f1c6ee614a890520f6a767
Debian Linux Security Advisory 5646-1 - Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site scripting, SQL injection, or command injection.
d9158a48c8ed071329b9eb3eddd4e00641007c015236908127fc8e2d8c7008c6
Red Hat Security Advisory 2024-1372-03 - An update for the redhat-ds:11 module is now available for Red Hat Directory Server 11.7 for RHEL 8. Issues addressed include denial of service and heap overflow vulnerabilities.
ddf23f225606b6f1989547d25db25b128063011c571c429f2794c27c4ca9d3b8