Read Time:6 Second
FEDORA-2024-8f83d0ed92
Packages in this update:
golang-x-crypto-0.31.0-2.fc40
Update description:
Fix CVE-2024-45337
Category Archives: Advisories
golang-x-crypto-0.31.0-2.fc41
Read Time:6 Second
FEDORA-2024-c33c95804e
Packages in this update:
golang-x-crypto-0.31.0-2.fc41
Update description:
Fix CVE-2024-45337
USN-7158-1: Smarty vulnerabilities
Read Time:28 Second
It was discovered that Smarty incorrectly handled query parameters in
requests. An attacker could possibly use this issue to inject arbitrary
Javascript code, resulting in denial of service or potential execution of
arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04
LTS, Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
(CVE-2018-25047, CVE-2023-28447)
It was discovered that Smarty did not properly sanitize user input when
generating templates. An attacker could, through PHP injection, possibly
use this issue to execute arbitrary code. (CVE-2024-35226)
A Vulnerability in Multiple Cleo Products Could Allow for Remote Code Execution
Read Time:28 Second
A vulnerability has been discovered in multiple Cleo products that could allow for remote code execution. Cleo’s LexiCom, VLTransfer, and Harmony is software that is commonly used to manage file transfers. Successful exploitation of this vulnerability could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
APPLE-SA-12-11-2024-9 Safari 18.2
Read Time:25 Second
Posted by Apple Product Security via Fulldisclosure on Dec 12
APPLE-SA-12-11-2024-9 Safari 18.2
Safari 18.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121846.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Safari
Available for: macOS Ventura and macOS Sonoma
Impact: On a device with Private Relay enabled, adding a website to the
Safari…
APPLE-SA-12-11-2024-8 visionOS 2.2
Read Time:24 Second
Posted by Apple Product Security via Fulldisclosure on Dec 12
APPLE-SA-12-11-2024-8 visionOS 2.2
visionOS 2.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121845.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Crash Reporter
Available for: Apple Vision Pro
Impact: An app may be able to access sensitive user data
Description: A permissions…
APPLE-SA-12-11-2024-7 tvOS 18.2
Read Time:25 Second
Posted by Apple Product Security via Fulldisclosure on Dec 12
APPLE-SA-12-11-2024-7 tvOS 18.2
tvOS 18.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121844.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
AppleMobileFileIntegrity
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: A malicious app may be able to access private…
APPLE-SA-12-11-2024-6 watchOS 11.2
Read Time:24 Second
Posted by Apple Product Security via Fulldisclosure on Dec 12
APPLE-SA-12-11-2024-6 watchOS 11.2
watchOS 11.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121843.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
AppleMobileFileIntegrity
Available for: Apple Watch Series 6 and later
Impact: A malicious app may be able to access private…
APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2
Read Time:25 Second
Posted by Apple Product Security via Fulldisclosure on Dec 12
APPLE-SA-12-11-2024-5 macOS Ventura 13.7.2
macOS Ventura 13.7.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121842.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Apple Software Restore
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data…
APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2
Read Time:25 Second
Posted by Apple Product Security via Fulldisclosure on Dec 12
APPLE-SA-12-11-2024-4 macOS Sonoma 14.7.2
macOS Sonoma 14.7.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121840.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
Apple Software Restore
Available for: macOS Sonoma
Impact: An app may be able to access user-sensitive data
Description:…