This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft 3D Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 3.3.
Category Archives: Advisories
ZDI-24-1100: SMARTBEAR SoapUI unpackageAll Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SMARTBEAR SoapUI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-7565.
ZDI-24-1101: Apple macOS Metal Framework KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the Metal framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-27802.
CyberDanube Security Research 20240805-0 | Multiple Vulnerabilities in JetPort Series
Posted by Thomas Weber via Fulldisclosure on Aug 05
CyberDanube Security Research 20240805-0
——————————————————————————-
title| Multiple Vulnerabilities in JetPort Series
product| Korenix JetPort Series
vulnerable version| 1.2
fixed version| None
CVE number| CVE-2024-7395, CVE-2024-7396, CVE-2024-7397
impact| High
homepage| https://www.korenix.com/…
CVE-2024-40101 exploit: Reflected Cross-Site Scripting (XSS) on Microweber
Posted by masquerad3r on Aug 05
Hello team,
Please find the attached POC for CVE-2024-40101 for publication.
Regards,
Prerak Mittal
# Exploit Title: Microweber <=v2.0.15 – Reflected Cross-Site Scripting (XSS)
# Date: 16.07.2024
# Exploit Author: Prerak Mittal
# Vendor Homepage: https://microweber.org/
# Software Link: https://github.com/microweber/microweber/releases/tag/v2.0.15
# Version: <=v2.0.15
# Tested on: Ubuntu 22.04
# CVE : CVE-2024-40101
# Description:
## App…
GLSA 202408-02: Mozilla Firefox: Multiple Vulnerabilities
GLSA 202408-01: containerd: Multiple Vulnerabilities
DSA-5738-1 openjdk-17 – security update
Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service, information disclosure or bypass
of Java sandbox restrictions.
DSA-5739-1 wpa – security update
Rory McNamara reported a local privilege escalation in wpasupplicant: A
user able to escalate to the netdev group can load arbitrary shared
object files in the context of the wpa_supplicant process running as
root.
microcode_ctl-2.1-61.1.fc40
FEDORA-2024-96f3c3f3d3
Packages in this update:
microcode_ctl-2.1-61.1.fc40
Update description:
Update to upstream 2.1-43. 20240531
Addition of 06-aa-04/0xe6 (MTL-H/U C0) microcode at revision 0x1c;
Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) at revision 0x4121;
Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) at revision 0x4121;
Addition of 06-ba-08/0xe0 microcode at revision 0x4121;
Addition of 06-cf-01/0x87 (EMR-SP A0) microcode at revision 0x21000230;
Addition of 06-cf-02/0x87 (EMR-SP A1) microcode (in intel-ucode/06-cf-01) at revision 0x21000230;
Addition of 06-cf-01/0x87 (EMR-SP A0) microcode (in intel-ucode/06-cf-02) at revision 0x21000230;
Addition of 06-cf-02/0x87 (EMR-SP A1) microcode at revision 0x21000230;
Removal of 06-8f-04/0x10 microcode at revision 0x2c000290;
Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision 0x2b0004d0;
Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-04) at revision 0x2c000290;
Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0;
Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) at revision 0x2c000290;
Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-04) at revision 0x2b0004d0;
Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000181 up to 0x1000191;
Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003604 up to 0x4003605;
Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision 0x5003604 up to 0x5003605;
Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002703 up to 0x7002802;
Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision 0xe000014 up to 0xe000015;
Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x38 up to 0x3e;
Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003b9 up to 0xd0003d1;
Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000268 up to 0x1000290;
Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x3e up to 0x42;
Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x22 up to 0x24;
Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xc2 up to 0xc4;
Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode from revision 0xb4 up to 0xb6;
Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x34 up to 0x36;
Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x4e up to 0x50;
Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) microcode from revision 0xf8 up to 0xfa;
Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-06/0x10 microcode from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision 0x2c000290 up to 0x2c000390;
Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision 0x2b0004d0 up to 0x2b0005c0;
Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x17 up to 0x19;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision 0x32 up to 0x35;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) from revision 0x32 up to 0x35;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x32 up to 0x35;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) from revision 0x32 up to 0x35;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision 0x430 up to 0x433;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in intel-ucode/06-9a-03) from revision 0x430 up to 0x433;
Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in intel-ucode/06-9a-04) from revision 0x430 up to 0x433;
Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x430 up to 0x433;
Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x5 up to 0x7;
Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x24000024 up to 0x24000026;
Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode from revision 0xf4 up to 0xf8;
Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode from revision 0xf4 up to 0xf6;
Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode from revision 0xf4 up to 0xf6;
Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode from revision 0xfa up to 0xfc;
Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf8 up to 0xfa;
Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf8 up to 0xfa;
Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf8 up to 0xfa;
Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf8 up to 0xfa;
Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision 0xf8 up to 0xfa;
Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x5d up to 0x5e;
Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x11d up to 0x123;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision 0x411c up to 0x4121;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in intel-ucode/06-ba-02) from revision 0x411c up to 0x4121;
Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in intel-ucode/06-ba-03) from revision 0x411c up to 0x4121;
Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x411c up to 0x4121;
Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x12 up to 0x17;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35;
Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x32 up to 0x35;
Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) from revision 0x32 up to 0x35;
Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35;
Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35;
Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) from revision 0x32 up to 0x35;
Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x32 up to 0x35.
Addresses CVE-2023-22655, CVE-2023-23583. CVE-2023-28746, CVE-2023-38575, CVE-2023-39368, CVE-2023-42667, CVE-2023-43490, CVE-2023-45733, CVE-2023-46103, CVE-2023-49141