Category Archives: Advisories

MetaFox Remote Shell Upload Exploit

Read Time:21 Second

Posted by j0ck1ng@tempr.email on Mar 13

#!/usr/bin/env python3# Exploit Title: MetaFox Remote Shell Upload# Google Dork: “Social network for niche
communities”# Exploit Author: The Joker# Vendor Homepage: https://www.phpfox.com# Version: <= 5.1.8import jsonimport
requestsimport sysif len(sys.argv) != 4:   sys.exit(“Usage: %s ” % sys.argv[0])   
requests.packages.urllib3.disable_warnings()endpoint = sys.argv[1] + “/api/v1/user/login”response =…

Read More

SEC Consult SA-20240307-0 :: Local Privilege Escalation via writable files in Checkmk Agent (CVE-2024-0670)

Read Time:21 Second

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Mar 13

SEC Consult Vulnerability Lab Security Advisory < 20240307-0 >
=======================================================================
title: Local Privilege Escalation via writable files
product: Checkmk Agent
vulnerable version: 2.0.0, 2.1.0, 2.2.0
fixed version: 2.1.0p40, 2.2.0p23, 2.3.0b1, 2.4.0b1
CVE number: CVE-2024-0670
impact: high
homepage: https://checkmk.com

Read More

HNS-2024-05 – HN Security Advisory – Multiple vulnerabilities in RT-Thread RTOS

Read Time:21 Second

Posted by Marco Ivaldi on Mar 13

Hi,

Please find attached a security advisory that describes multiple
vulnerabilities we discovered in RT-Thread RTOS.

* Title: Multiple vulnerabilities in RT-Thread RTOS
* OS: RT-Thread <= 5.0.2
* Author: Marco Ivaldi <marco.ivaldi () hnsecurity it>
* Date: 2024-03-05
* CVE IDs and advisory URLs:
* CVE-2024-24334 – https://github.com/RT-Thread/rt-thread/issues/8282
* CVE-2024-24335 -…

Read More

APPLE-SA-03-12-2024-1 GarageBand 10.4.11

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Mar 13

APPLE-SA-03-12-2024-1 GarageBand 10.4.11

GarageBand 10.4.11 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214090.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

GarageBand
Available for: macOS Ventura and macOS Sonoma
Impact: Processing a maliciously crafted file may lead to…

Read More

APPLE-SA-03-07-2024-7 visionOS 1.1

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Mar 13

APPLE-SA-03-07-2024-7 visionOS 1.1

visionOS 1.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214087.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: Apple Vision Pro
Impact: An app may be able to spoof system notifications and UI
Description: This…

Read More

APPLE-SA-03-07-2024-6 tvOS 17.4

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on Mar 13

APPLE-SA-03-07-2024-6 tvOS 17.4

tvOS 17.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214086.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: A malicious app may be able to observe user data in log…

Read More

APPLE-SA-03-07-2024-5 watchOS 10.4

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Mar 13

APPLE-SA-03-07-2024-5 watchOS 10.4

watchOS 10.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214088.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: Apple Watch Series 4 and later
Impact: A malicious app may be able to observe user data in log…

Read More

APPLE-SA-03-07-2024-4 macOS Monterey 12.7.4

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Mar 13

APPLE-SA-03-07-2024-4 macOS Monterey 12.7.4

macOS Monterey 12.7.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214083.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Admin Framework
Available for: macOS Monterey
Impact: An app may be able to elevate privileges
Description: A…

Read More

APPLE-SA-03-07-2024-3 macOS Ventura 13.6.5

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Mar 13

APPLE-SA-03-07-2024-3 macOS Ventura 13.6.5

macOS Ventura 13.6.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214085.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Admin Framework
Available for: macOS Ventura
Impact: An app may be able to elevate privileges
Description: A…

Read More

APPLE-SA-03-07-2024-2 macOS Sonoma 14.4

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Mar 13

APPLE-SA-03-07-2024-2 macOS Sonoma 14.4

macOS Sonoma 14.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214084.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: macOS Sonoma
Impact: A malicious app may be able to observe user data in log entries…

Read More