ZDI-24-1639: Hewlett Packard Enterprise Insight Remote Support processAtatchmentDataStream Directory Traversal Remote Code Execution Vulnerability

December 2, 2024

Read Time:14 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-53676.

perl-Plack-Middleware-Session-0.36-1.fc42

FEDORA-2025-ca07c36a0a Packages in this update: perl-Plack-Middleware-Session-0.36-1.fc42 Update description: This update upgrade the package to version 0.36. This version fixes CVE-2025-40923...

September 7, 2025

perl-Catalyst-Plugin-Session-0.44-1.fc42

FEDORA-2025-90d5989bee Packages in this update: perl-Catalyst-Plugin-Session-0.44-1.fc42 Update description: This update upgrade the package to version 0.44. This version fixes CVE-2025-40924...

September 7, 2025

perl-Catalyst-Authentication-Credential-HTTP-1.019-1.fc42

FEDORA-2025-d72429a1f8 Packages in this update: perl-Catalyst-Authentication-Credential-HTTP-1.019-1.fc42 Update description: This update upgrade the package to version 1.019. This version fixes CVE-2025-40920...

September 7, 2025

DSA-5994-1 shibboleth-sp – security update

Florian Stuhlmann discovered a SQL vulnerability in the ODBC plugin in the Shibboleth Service Provider which may result in information...

September 7, 2025

libopenmpt-0.8.3-1.el10_0

FEDORA-EPEL-2025-dc43510de4 Packages in this update: libopenmpt-0.8.3-1.el10_0 Update description: libopenmpt 0.8.3 (2025-09-06) [Bug] libopenmpt is now compatible with most non-standard builds...

September 6, 2025

libopenmpt-0.8.3-1.el10_2

FEDORA-EPEL-2025-3f414a0955 Packages in this update: libopenmpt-0.8.3-1.el10_2 Update description: libopenmpt 0.8.3 (2025-09-06) [Bug] libopenmpt is now compatible with most non-standard builds...

September 6, 2025

GOP Cries Censorship Over Spam Filters That Work

Friday Squid Blogging: The Origin and Propagation of Squid

My Latest Book: Rewiring Democracy

Bridgestone Confirms “Limited Cyber Incident” Impacting Facilities in North America

Germany charges hacker with Rosneft cyberattack in latest wake-up call for critical infrastructure

Parents warned that robot toys spied on children’s location without consent

South Carolina School District Data Breach Affects 31,000 People

macOS Stealer Campaign Uses “Cracked” App Lures to Bypass Apple Security

GPT-4o-mini Falls for Psychological Manipulation

ZDI-24-1639: Hewlett Packard Enterprise Insight Remote Support processAtatchmentDataStream Directory Traversal Remote Code Execution Vulnerability

perl-Plack-Middleware-Session-0.36-1.fc42

perl-Catalyst-Plugin-Session-0.44-1.fc42

perl-Catalyst-Authentication-Credential-HTTP-1.019-1.fc42

DSA-5994-1 shibboleth-sp – security update

libopenmpt-0.8.3-1.el10_0

libopenmpt-0.8.3-1.el10_2