Defense in depth — the Microsoft way (part 88): a SINGLE command line shows about 20,000 instances of CWE-73
Posted by Stefan Kanthak on Sep 28 Hi @ll, <https://cwe.mitre.org/data/definitions/73.html> CWE-73: External Control of File Name or Path is a well-known and well-documented weakness. <https://seclists.org/fulldisclosure/2020/Mar/48>...
SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 28 SEC Consult Vulnerability Lab Security Advisory < 20240925-0 > title: Uninstall Password Bypass...
Apple iOS 17.2.1 – Screen Time Passcode Retrieval (Mitigation Bypass)
Posted by Patrick via Fulldisclosure on Sep 28 Document Title: Apple iOS 17.2.1 - Screen Time Passcode Retrieval (Mitigation Bypass) Release Date: 2024-09-24...
DSA-5778-1 cups-filters – security update
Simone Margaritelli reported several vulnerabilities in cups-filters. Missing validation of IPP attributes returned from an IPP server and multiple bugs in the cups-browsed component can...
DSA-5779-1 cups – security update
Simone Margaritelli reported that cups, the Common UNIX Printing System, does not properly sanitize IPP attributes when creating PPD files, which may result in the...
GLSA 202409-26: IcedTea: Multiple Vulnerabilities
GLSA 202409-29: Docker: Multiple Vulnerabilities
GLSA 202409-28: HashiCorp Consul: Multiple Vulnerabilities
GLSA 202409-27: tmux: Null Pointer Dereference
GLSA 202409-32: nginx: Multiple Vulnerabilities