Category Archives: Advisories

USN-7033-1: Intel Microcode vulnerabilities

It was discovered that some Intel(R) Processors did not properly restrict
access to the Running Average Power Limit (RAPL) interface. This may allow
a local privileged attacker to obtain sensitive information.
(CVE-2024-23984)

It was discovered that some Intel(R) Processors did not properly implement
finite state machines (FSMs) in hardware logic. This may allow a local
privileged attacker to cause a denial of service (system crash).
(CVE-2024-24968)

USN-7031-2: Puma vulnerability

USN-7031-1 fixed CVE-2024-45614 in Puma for Ubuntu 24.04 LTS.
This update fixes the CVE for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS.

Original advisory details:

It was discovered that Puma incorrectly handled parsing certain headers.
A remote attacker could possibly use this issue to overwrite header values
set by intermediate proxies by providing duplicate headers containing
underscore characters.

USN-7030-1: py7zr vulnerability

It was discovered that py7zr was vulnerable to path traversal attacks.
If a user or automated system were tricked into extracting a specially
crafted 7z archive, an attacker could possibly use this issue to write
arbitrary files outside the target directory on the host.

CyberDanube Security Research 20240919-0 | Multiple Vulnerabilities in Netman204

Posted by Thomas Weber via Fulldisclosure on Sep 23

CyberDanube Security Research 20240919-0
-------------------------------------------------------------------------------
title              | Multiple Vulnerabilities
product            | Netman 204
vulnerable version | 4.05
fixed version      | –
CVE number         | CVE-2024-8877, CVE-2024-8878
impact             | High
homepage           | https://www.riello-ups.com/
found              | 2024-05-17
by| D….
