Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 20
No message preview for long message of 359314 bytes.
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 20
No message preview for long message of 359314 bytes.
Posted by Jeroen Hermans via Fulldisclosure on Oct 20
CloudAware Security Advisory
CVE-2024-48939: Unauthorized enabling of API in Paxton Net2 software
========================================================================
Summary
========================================================================
Bypass of Paxton Net2 API license. Possible leaking of PII and access to
admin functionality.
No physical access to computer running Paxton Net2 is required….
Enrique Nissim and Krzysztof Okupski discovered that some AMD processors
did not properly restrict access to the System Management Mode (SMM)
configuration when the SMM Lock was enabled. A privileged local attacker
could possibly use this issue to further escalate their privileges and
execute arbitrary code within the processor’s firmware layer.
Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
prometheus-podman-exporter-1.13.3-1.el9
release 1.13.3
prometheus-podman-exporter-1.13.3-1.fc39
release 1.13.3
prometheus-podman-exporter-1.13.3-1.fc40
release 1.13.3
prometheus-podman-exporter-1.13.3-1.fc41
release 1.13.3
podman-tui-1.2.3-1.fc39
release 1.2.3
podman-tui-1.2.3-1.el9
release 1.2.3