Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 28

SEC Consult Vulnerability Lab Security Advisory < 20240925-0 >
=======================================================================
title: Uninstall Password Bypass
product: BlackBerry CylanceOPTICS Windows Installer Package
vulnerable version: CylanceOPTICS <3.3 MR2
                    CylanceOPTICS <3.2 MR5
      fixed version: CylanceOPTICS 3.3 MR2
CylanceOPTICS…

Read More

Posted by Patrick via Fulldisclosure on Sep 28

Document Title:
===============
Apple iOS 17.2.1 – Screen Time Passcode Retrieval (Mitigation Bypass)

Release Date:
=============
2024-09-24

Affected Product(s):
====================
Vendor: Apple Inc.
Product: Apple iOS 17.2.1 (possibly all < 18.0 excluding 18.0)

References:
====================
VIDEO PoC: https://www.youtube.com/watch?v=vVvk9TR7qMo

The vulnerability has been patched in the latest release of the operating
system (iOS…

Read More

Simone Margaritelli reported several vulnerabilities in cups-filters.
Missing validation of IPP attributes returned from an IPP server and
multiple bugs in the cups-browsed component can result in the execution
of arbitrary commands without authentication when a print job is
started.

https://security-tracker.debian.org/tracker/DSA-5778-1

Read More

Simone Margaritelli reported that cups, the Common UNIX Printing System,
does not properly sanitize IPP attributes when creating PPD files, which
may result in the execution of arbitrary code.

https://security-tracker.debian.org/tracker/DSA-5779-1

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More

Post Content

Read More