ZDI-24-1633: Hewlett Packard Enterprise AutoPass License Server SQL Injection Information Disclosure Vulnerability

Read Time:14 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-51769.

USN-7363-1: PAM-PKCS#11 vulnerabilities

Marcus Rückert and Matthias Gerstner discovered that PAM-PKCS#11 did not properly handle certain return codes when authentication was not possible....

March 20, 2025

A Vulnerability in AMI MegaRAC Software Could Allow for Remote Code Execution

A vulnerability has been discovered in AMI MegaRAC Software, which could allow for remote code execution. MegaRAC is a product...

March 20, 2025

APPLE-SA-03-11-2025-4 visionOS 2.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-4 visionOS 2.3.2 visionOS 2.3.2 addresses the following issues. Information...

March 20, 2025

APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2 macOS Sequoia 15.3.2 addresses the following...

March 20, 2025

APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2 iOS 18.3.2 and iPadOS...

March 20, 2025

APPLE-SA-03-11-2025-1 Safari 18.3.1

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-1 Safari 18.3.1 Safari 18.3.1 addresses the following issues. Information...

March 20, 2025

BlackLock ransomware: What you need to know

FishMonger APT Group Linked to I-SOON in Espionage Campaigns

Critical GitHub Attack

Rooted Devices 250 Times More Vulnerable to Compromise

Smashing Security podcast #409: Peeping perverts and FBI phone calls

UK CNI Security Leaders Express Confidence in Cybersecurity, Despite 95% Breach Rate

UK Police Arrest 422 in Major Fraud Crackdown

Over Half a Million Hit by Pennsylvania Schools Union Breach

Supply-chain CAPTCHA attack hits over 100 car dealerships

ZDI-24-1633: Hewlett Packard Enterprise AutoPass License Server SQL Injection Information Disclosure Vulnerability

USN-7363-1: PAM-PKCS#11 vulnerabilities

A Vulnerability in AMI MegaRAC Software Could Allow for Remote Code Execution

APPLE-SA-03-11-2025-4 visionOS 2.3.2

APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2

APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

APPLE-SA-03-11-2025-1 Safari 18.3.1