Category Archives: Advisories

APPLE-SA-12-11-2024-6 watchOS 11.2

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2024-6 watchOS 11.2

watchOS 11.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121843.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AppleMobileFileIntegrity
Available for: Apple Watch Series 6 and later
Impact: A malicious app may be able to access private…

Read More

APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2

macOS Ventura 13.7.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121842.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Apple Software Restore
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data…

Read More

APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2

macOS Sonoma 14.7.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121840.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Apple Software Restore
Available for: macOS Sonoma
Impact: An app may be able to access user-sensitive data
Description:…

Read More

APPLE-SA-12-11-2024-3 macOS Sequoia 15.2

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2024-3 macOS Sequoia 15.2

macOS Sequoia 15.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121839.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Apple Software Restore
Available for: macOS Sequoia
Impact: An app may be able to access user-sensitive data
Description:…

Read More

APPLE-SA-12-11-2024-2 iPadOS 17.7.3

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2024-2 iPadOS 17.7.3

iPadOS 17.7.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121838.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

FontParser
Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch,
and iPad 6th generation
Impact: Processing a…

Read More

APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2

iOS 18.2 and iPadOS 18.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121837.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AppleMobileFileIntegrity
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd…

Read More

SEC Consult SA-20241211-0 :: Reflected Cross-Site Scripting in Numerix License Server Administration System Login

Read Time:16 Second

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Dec 12

SEC Consult Vulnerability Lab Security Advisory < 20241211-0 >
=======================================================================
title: Reflected Cross-Site Scripting
product: Numerix License Server Administration System Login
vulnerable version: 1.1_596
fixed version: –
CVE number: CVE-2024-50585
impact: medium
homepage: https://connect.numerix.com/nlslogin.jsp

Read More

St. Poelten UAS | Multiple Vulnerabilities in ORing IAP

Read Time:15 Second

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 12

St. Pölten UAS 20241209-0
——————————————————————————-
title| Multiple Vulnerabilities in ORing IAP
product| ORing IAP-420
vulnerable version| 2.01e
fixed version| –
CVE number| CVE-2024-55544, CVE-2024-55545, CVE-2024-55546,
| CVE-2024-55547, CVE-2024-55548
impact| High
homepage|…

Read More

USN-7159-1: Linux kernel vulnerabilities

Read Time:44 Second

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– ARM32 architecture;
– ARM64 architecture;
– S390 architecture;
– x86 architecture;
– Power management core;
– GPU drivers;
– InfiniBand drivers;
– Network drivers;
– S/390 drivers;
– TTY drivers;
– BTRFS file system;
– EROFS file system;
– F2FS file system;
– File systems infrastructure;
– BPF subsystem;
– Socket messages infrastructure;
– Bluetooth subsystem;
– Ethernet bridge;
– Networking core;
– IPv4 networking;
– SELinux security module;
(CVE-2022-48938, CVE-2024-42156, CVE-2024-36953, CVE-2024-38538,
CVE-2021-47501, CVE-2024-42068, CVE-2024-26947, CVE-2024-46724,
CVE-2024-36968, CVE-2023-52497, CVE-2024-35951, CVE-2023-52488,
CVE-2024-44940, CVE-2022-48733, CVE-2023-52498, CVE-2022-48943,
CVE-2024-35904, CVE-2024-42077, CVE-2024-36938, CVE-2023-52639,
CVE-2024-42240, CVE-2024-44942, CVE-2021-47076)

Read More