Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1
macOS Ventura 13.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121568 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
App Support
Available for: macOS Ventura
Impact: A malicious app may be able to run arbitrary shortcuts without
user…
Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1
macOS Sonoma 14.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121570 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
App Support
Available for: macOS Sonoma
Impact: A malicious app may be able to run arbitrary shortcuts without
user…
Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-3 macOS Sequoia 15.1
macOS Sequoia 15.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121564 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Apache
Impact: Multiple issues existed in Apache
Description: This is a vulnerability in open source code and Apple…
Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-2 iOS 17.7.1 and iPadOS 17.7.1
iOS 17.7.1 and iPadOS 17.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121567 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Accessibility
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
2nd generation…
Posted by Apple Product Security via Fulldisclosure on Oct 28
APPLE-SA-10-28-2024-1 iOS 18.1 and iPadOS 18.1
iOS 18.1 and iPadOS 18.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121563 .
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Accessibility
Available for: iPhone XS and later
Impact: An attacker with physical access to a locked device…
Posted by Andrey Stoykov on Oct 28
# Exploit Title: Open Redirect / Reflected XSS – booked-schedulerv2.8.5
# Date: 10/2024
# Exploit Author: Andrey Stoykov
# Version: 2.8.5
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/10/friday-fun-pentest-series-13-reflected.html
https://msecureltd.blogspot.com/2024/10/friday-fun-pentest-series-12-open.html
Open Redirect:
Steps to Reproduce:
1. Login and intercept HTTP request with a proxy such as Burpsuite or ZAP
2….
Jan-Niklas Sohn discovered that a heap-based buffer overflow in the
_XkbSetCompatMap function in the X Keyboard Extension of the X.org X
server may result in privilege escalation if the X server is running
privileged.
https://security-tracker.debian.org/tracker/DSA-5800-1
FEDORA-2024-aa6e72c713
Packages in this update:
syncthing-1.28.0-1.fc41
Update description:
Update to version 1.28.0.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0
FEDORA-EPEL-2024-6caeb5a95f
Packages in this update:
syncthing-1.28.0-1.el9
Update description:
Update to version 1.28.0.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.28.0
Posts navigation
News, Advisories and much more