ZDI-24-985: Microsoft Azure Service Fabric servicefabricsdkstorage Uncontrolled Search Path Element Remote Code Execution Vulnerability

July 29, 2024

Read Time:11 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Service Fabric for Microsoft Azure. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8.

pgbouncer-1.24.1-1.el9

FEDORA-EPEL-2025-be9d8a1131 Packages in this update: pgbouncer-1.24.1-1.el9 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More

April 17, 2025

pgbouncer-1.24.1-2.el8

FEDORA-EPEL-2025-f59a1a28d0 Packages in this update: pgbouncer-1.24.1-2.el8 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More

April 17, 2025

pgbouncer-1.24.1-2.fc40

FEDORA-2025-31397c2b6c Packages in this update: pgbouncer-1.24.1-2.fc40 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More

April 17, 2025

pgbouncer-1.24.1-2.fc42

FEDORA-2025-25e04398c7 Packages in this update: pgbouncer-1.24.1-2.fc42 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More

April 17, 2025

pgbouncer-1.24.1-2.el10_1

FEDORA-EPEL-2025-c1249be8e7 Packages in this update: pgbouncer-1.24.1-2.el10_1 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More

April 17, 2025

pgbouncer-1.24.1-2.fc41

FEDORA-2025-d919f11f99 Packages in this update: pgbouncer-1.24.1-2.fc41 Update description: Update to 1.24.1, fixes CVE-2025-2291. Read More

April 17, 2025

Identity Attacks Now Comprise a Third of Intrusions

Microsoft Thwarts $4bn in Fraud Attempts

CISA Throws Lifeline to CVE Program with Last-Minute Contract Extension

Network Edge Devices the Biggest Entry Point for Attacks on SMBs

ICO Issues Merseyside-Based Law Firm £60,000 Fine After Cyber-Attack

Smashing Security podcast #413: Hacking the hackers… with a credit card?

CVE Program Almost Unfunded

Hertz Data Breach Exposes Customer Information in Cleo Zero-Day Attack

China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses

ZDI-24-985: Microsoft Azure Service Fabric servicefabricsdkstorage Uncontrolled Search Path Element Remote Code Execution Vulnerability

pgbouncer-1.24.1-1.el9

pgbouncer-1.24.1-2.el8

pgbouncer-1.24.1-2.fc40

pgbouncer-1.24.1-2.fc42

pgbouncer-1.24.1-2.el10_1

pgbouncer-1.24.1-2.fc41