Category Archives: Advisories

APPLE-SA-05-13-2024-5 macOS Ventura 13.6.7

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on May 14

APPLE-SA-05-13-2024-5 macOS Ventura 13.6.7

macOS Ventura 13.6.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214107.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Foundation
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A…

Read More

APPLE-SA-05-13-2024-4 macOS Sonoma 14.5

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on May 14

APPLE-SA-05-13-2024-4 macOS Sonoma 14.5

macOS Sonoma 14.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214106.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

AppleAVD
Available for: macOS Sonoma
Impact: An app may be able to execute arbitrary code with kernel
privileges…

Read More

APPLE-SA-05-13-2024-3 iOS 16.7.8 and iPadOS 16.7.8

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on May 14

APPLE-SA-05-13-2024-3 iOS 16.7.8 and iPadOS 16.7.8

iOS 16.7.8 and iPadOS 16.7.8 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214100.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Foundation
Available for: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation,
iPad Pro…

Read More

APPLE-SA-05-13-2024-2 iOS 17.5 and iPadOS 17.5

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on May 14

APPLE-SA-05-13-2024-2 iOS 17.5 and iPadOS 17.5

iOS 17.5 and iPadOS 17.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214101.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

AppleAVD
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation
and later, iPad Pro…

Read More

APPLE-SA-05-13-2024-1 Safari 17.5

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on May 14

APPLE-SA-05-13-2024-1 Safari 17.5

Safari 17.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214103.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

WebKit
Available for: macOS Monterey and macOS Ventura
Impact: An attacker with arbitrary read and write capability may be able
to…

Read More

APPLE-SA-05-08-2024-1 iTunes 12.13.2 for Windows

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on May 14

APPLE-SA-05-08-2024-1 iTunes 12.13.2 for Windows

iTunes 12.13.2 for Windows addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214099.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

CoreMedia
Available for: Windows 10 and later
Impact: Parsing a file may lead to an unexpected app…

Read More

HNS-2024-07 – HN Security Advisory – Multiple vulnerabilities in RIOT OS

Read Time:22 Second

Posted by Marco Ivaldi on May 14

Hi,

Please find attached a security advisory that describes multiple
vulnerabilities we discovered in RIOT OS.

* Title: Multiple vulnerabilities in RIOT OS
* OS: RIOT <= 2024.01
* Author: Marco Ivaldi <marco.ivaldi () hnsecurity it>
* Date: 2024-05-07
* CVE ID and severity:
* CVE-2024-31225 – High
* CVE-2024-32017 – Critical
* CVE-2024-32018 – High
(low-severity vulnerabilities were not assigned a CVE ID)
* Vendor URL:…

Read More

[KIS-2024-04] Cacti <= 1.2.26 (import.php) Remote Code Execution Vulnerability

Read Time:15 Second

Posted by Egidio Romano on May 14

—————————————————————-
Cacti <= 1.2.26 (import.php) Remote Code Execution Vulnerability
—————————————————————-

[-] Software Link:

https://cacti.net

[-] Affected Versions:

Version 1.2.26 and prior versions.

[-] Vulnerability Description:

The vulnerability is located within the “import_package()” function
defined into the /lib/import.php script….

Read More