ZDI-24-1637: Hewlett Packard Enterprise Insight Remote Support getDocumentRootElement XML External Entity Processing Information Disclosure Vulnerability

December 2, 2024

Read Time:14 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.3. The following CVEs are assigned: CVE-2024-53674.

APPLE-SA-03-11-2025-4 visionOS 2.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-4 visionOS 2.3.2 visionOS 2.3.2 addresses the following issues. Information...

March 20, 2025

APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2 macOS Sequoia 15.3.2 addresses the following...

March 20, 2025

APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2 iOS 18.3.2 and iPadOS...

March 20, 2025

APPLE-SA-03-11-2025-1 Safari 18.3.1

Posted by Apple Product Security via Fulldisclosure on Mar 20 APPLE-SA-03-11-2025-1 Safari 18.3.1 Safari 18.3.1 addresses the following issues. Information...

March 20, 2025

CVE-2019-16261 (UPDATE): Unauthenticated POST requests to Tripp Lite UPS Systems

Posted by Lucas Lalumière on Mar 20 [Author]: Lucas Lalumiere [Contact]: lucas.lalum () gmail com [Date]: 2025-3-17 [Vendor]: Tripp Lite...

March 20, 2025

USN-7360-1: Alpine vulnerabilities

It was discovered that Alpine did not use a secure connection under certain circumstances. A remote attacker could possibly use...

March 20, 2025

UK CNI Security Leaders Express Confidence in Cybersecurity, Despite 95% Breach Rate

UK Police Arrest 422 in Major Fraud Crackdown

Over Half a Million Hit by Pennsylvania Schools Union Breach

Supply-chain CAPTCHA attack hits over 100 car dealerships

NCSC Sets 2035 Deadline for Post-Quantum Cryptography Migration

DOGE to Fired CISA Staff: Email Us Your Personal Data

Windows Shortcut Flaw Exploited by 11 State-Sponsored Groups

752,000 Browser Phishing Attacks Mark 140% Increase YoY

Brian Cox to Discuss Quantum Computing’s Impact at Infosecurity Europe 2025

ZDI-24-1637: Hewlett Packard Enterprise Insight Remote Support getDocumentRootElement XML External Entity Processing Information Disclosure Vulnerability

APPLE-SA-03-11-2025-4 visionOS 2.3.2

APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2

APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2

APPLE-SA-03-11-2025-1 Safari 18.3.1

CVE-2019-16261 (UPDATE): Unauthenticated POST requests to Tripp Lite UPS Systems

USN-7360-1: Alpine vulnerabilities