ZDI-24-1082: (0Day) (Pwn2Own) oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability

Read Time:16 Second

This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-7542.

DSA-5894-1 jetty9 – security update

Jetty 9 is a Java based web server and servlet engine. Several security vulnerabilities have been discovered which may allow...

April 5, 2025

DSA-5893-1 tomcat10 – security update

A security vulnerability was found in Tomcat 10, a Java based web server and servlet engine. A malicious user was...

April 5, 2025

GLSA 202504-01: XZ Utils: Use after free

Post Content Read More

April 5, 2025

USN-7402-3: Linux kernel (NVIDIA) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

April 4, 2025

webkitgtk-2.48.1-2.fc40

FEDORA-2025-256a86d7c8 Packages in this update: webkitgtk-2.48.1-2.fc40 Update description: Limit the data stored in session state. Remove the empty area below...

April 4, 2025

webkitgtk-2.48.1-2.fc41

FEDORA-2025-059585d039 Packages in this update: webkitgtk-2.48.1-2.fc41 Update description: Limit the data stored in session state. Remove the empty area below...

April 4, 2025

Friday Squid Blogging: Two-Man Giant Squid

Cyber Agencies Warn of Fast Flux Threat Bypassing Network Defenses

Troy Hunt Gets Phished

Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise

Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw

Major Online Platform for Child Exploitation Dismantled

CrushFTP Vulnerability Exploited Following Disclosure Issues

HellCat ransomware: what you need to know

Amateur Hacker Leverages Russian Bulletproof Hosting Server to Spread Malware

ZDI-24-1082: (0Day) (Pwn2Own) oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability

DSA-5894-1 jetty9 – security update

DSA-5893-1 tomcat10 – security update

GLSA 202504-01: XZ Utils: Use after free

USN-7402-3: Linux kernel (NVIDIA) vulnerabilities

webkitgtk-2.48.1-2.fc40

webkitgtk-2.48.1-2.fc41