ZDI-24-579: Apple macOS PPM Image Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this...
ZDI-24-578: Apple macOS CoreGraphics Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. User interaction is required to exploit this vulnerability in that...
ZDI-24-582: SEW-EURODRIVE MOVITOOLS MotionStudio XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of SEW-EURODRIVE MOVITOOLS MotionStudio. User interaction is required to exploit this vulnerability in...
ZDI-24-581: Microsoft Azure SQL Managed Instance Documentation SAS Token Incorrect Permission Assignment Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on Microsoft Azure. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS...
ZDI-24-580: Microsoft Artifact Registry Container Images Empty Password Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Microsoft Artifact Registry Container images. Authentication is not required to exploit this vulnerability....
USN-6813-1: OpenJDK 21 vulnerabilities
It was discovered that the Hotspot component of OpenJDK 21 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this...
USN-6812-1: OpenJDK 17 vulnerabilities
It was discovered that the Hotspot component of OpenJDK 17 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this...
USN-6811-1: OpenJDK 11 vulnerabilities
It was discovered that the Hotspot component of OpenJDK 11 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this...
USN-6810-1: OpenJDK 8 vulnerabilities
It was discovered that the Hotspot component of OpenJDK 8 incorrectly handled certain exceptions with specially crafted long messages. An attacker could possibly use this...
Oracle WebLogic Server Vulnerabilities (CVE-2023-21839, CVE-2017-3506)
What is the attack? A threat actor known as “8220 Gang” is seen exploiting two vulnerabilities in the Oracle WebLogic server: CVE-2017-3506, which allows remote OS...