Local Privilege Escalations in needrestart
Posted by Qualys Security Advisory via Fulldisclosure on Nov 21 Qualys Security Advisory LPEs in needrestart (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003) ======================================================================== Contents ========================================================================...
APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2
Posted by Apple Product Security via Fulldisclosure on Nov 21 APPLE-SA-11-19-2024-4 iOS 17.7.2 and iPadOS 17.7.2 iOS 17.7.2 and iPadOS 17.7.2 addresses the following issues....
APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1
Posted by Apple Product Security via Fulldisclosure on Nov 21 APPLE-SA-11-19-2024-3 iOS 18.1.1 and iPadOS 18.1.1 iOS 18.1.1 and iPadOS 18.1.1 addresses the following issues....
APPLE-SA-11-19-2024-2 visionOS 2.1.1
Posted by Apple Product Security via Fulldisclosure on Nov 21 APPLE-SA-11-19-2024-2 visionOS 2.1.1 visionOS 2.1.1 addresses the following issues. Information about the security content is...
APPLE-SA-11-19-2024-1 Safari 18.1.1
Posted by Apple Product Security via Fulldisclosure on Nov 21 APPLE-SA-11-19-2024-1 Safari 18.1.1 Safari 18.1.1 addresses the following issues. Information about the security content is...
Reflected XSS – fronsetiav1.1
Posted by Andrey Stoykov on Nov 21 # Exploit Title: Reflected XSS - fronsetiav1.1 # Date: 11/2024 # Exploit Author: Andrey Stoykov # Version: 1.1...
XXE OOB – fronsetiav1.1
Posted by Andrey Stoykov on Nov 21 # Exploit Title: XXE OOB - fronsetiav1.1 # Date: 11/2024 # Exploit Author: Andrey Stoykov # Version: 1.1...
St. Poelten UAS | Path Traversal in Korenix JetPort 5601
Posted by Weber Thomas via Fulldisclosure on Nov 21 St. Pölten UAS 20241118-1 ------------------------------------------------------------------------------- title| Path Traversal product| Korenix JetPort 5601 vulnerable version| 1.2 fixed...
St. Poelten UAS | Multiple Stored Cross-Site Scripting in SEH utnserver Pro
Posted by Weber Thomas via Fulldisclosure on Nov 21 St. Pölten UAS 20241118-0 ------------------------------------------------------------------------------- title| Multiple Stored Cross-Site Scripting product| SEH utnserver Pro vulnerable version|...
Apple web content filter bypass allows unrestricted access to blocked content (macOS/iOS/iPadOS/visionOS/watchOS)
Posted by Nosebeard Labs on Nov 21 Dear colleagues, Nosebeard Labs is pleased to share its latest advisory, detailing a bypass of Apple's system wide...