ZDI-24-523: Phoenix Contact CHARX SEC-3100 Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Phoenix Contact CHARX SEC-3100 charging controllers. An attacker must first obtain the ability...
ZDI-24-522: (Pwn2Own) Phoenix Contact CHARX SEC-3100 Filename Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Although authentication is required to exploit this...
ZDI-24-521: (Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP charx_pack_logs Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this...
ZDI-24-520: (Pwn2Own) Phoenix Contact CHARX SEC-3100 Missing Encryption Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability....
ZDI-24-519: (Pwn2Own) Phoenix Contact CHARX SEC-3100 Untrusted Search Path Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Phoenix Contact CHARX SEC-3100 devices. An attacker must first obtain the ability to...
USN-6779-2: Firefox regressions
USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in...
DSA-5700-1 python-pymysql – security update
An SQL injection was discovered in pymysql, a pure Python MySQL driver. https://security-tracker.debian.org/tracker/DSA-5700-1 Read More
apptainer-1.3.2-1.fc39
FEDORA-2024-f4a65623e7 Packages in this update: apptainer-1.3.2-1.fc39 Update description: Update to upstream 1.3.2, including fix for CVE-2024-3727 Read More
apptainer-1.3.2-1.el7
FEDORA-EPEL-2024-fd5dac4a76 Packages in this update: apptainer-1.3.2-1.el7 Update description: Update to upstream 1.3.2, including fix for CVE-2024-3727 Read More
apptainer-1.3.2-1.el8
FEDORA-EPEL-2024-2235745ae4 Packages in this update: apptainer-1.3.2-1.el8 Update description: Update to upstream 1.3.2, including fix for CVE-2024-3727 Read More