ZDI-24-1639: Hewlett Packard Enterprise Insight Remote Support processAtatchmentDataStream Directory Traversal Remote Code Execution Vulnerability

December 2, 2024

Read Time:14 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-53676.

USN-7171-1: PHPUnit vulnerability

It was discovered that PHPUnit incorrectly handled web requests if exposed to the internet. An attacker could possibly use this...

December 18, 2024

USN-7168-1: EditorConfig vulnerabilities

It was discovered that EditorConfig improperly managed memory when handling certain inputs, leading to overflows. An attacker could possibly use...

December 18, 2024

dante-1.4.4-1.fc42

FEDORA-2024-e922e33593 Packages in this update: dante-1.4.4-1.fc42 Update description: Automatic update for dante-1.4.4-1.fc42. Changelog * Wed Dec 18 2024 Tim Semeijn...

December 18, 2024