Category Archives: Advisories

Advisories

APPLE-SA-10-28-2024-7 tvOS 18.1

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-7 tvOS 18.1

tvOS 18.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121569.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

App Support
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: A malicious app may be able to run arbitrary shortcuts without…

Read More

Advisories

APPLE-SA-10-28-2024-6 watchOS 11.1

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-6 watchOS 11.1

watchOS 11.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121565.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: Apple Watch Series 6 and later
Impact: An attacker with physical access to a locked device may be able
to…

Read More

Advisories

APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1

macOS Ventura 13.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121568.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

App Support
Available for: macOS Ventura
Impact: A malicious app may be able to run arbitrary shortcuts without
user…

Read More

Advisories

APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1

Read Time:25 Second

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1

macOS Sonoma 14.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121570.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

App Support
Available for: macOS Sonoma
Impact: A malicious app may be able to run arbitrary shortcuts without
user…

Read More

Advisories

APPLE-SA-10-28-2024-3 macOS Sequoia 15.1

Read Time:24 Second

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-3 macOS Sequoia 15.1

macOS Sequoia 15.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121564.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Apache
Impact: Multiple issues existed in Apache
Description: This is a vulnerability in open source code and Apple…

Read More

Advisories

APPLE-SA-10-28-2024-2 iOS 17.7.1 and iPadOS 17.7.1

Read Time:27 Second

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-2 iOS 17.7.1 and iPadOS 17.7.1

iOS 17.7.1 and iPadOS 17.7.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121567.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
2nd generation…

Read More

Advisories

APPLE-SA-10-28-2024-1 iOS 18.1 and iPadOS 18.1

Read Time:26 Second

Posted by Apple Product Security via Fulldisclosure on Oct 28

APPLE-SA-10-28-2024-1 iOS 18.1 and iPadOS 18.1

iOS 18.1 and iPadOS 18.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121563.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

Accessibility
Available for: iPhone XS and later
Impact: An attacker with physical access to a locked device…

Read More

Advisories

Open Redirect / Reflected XSS – booked-schedulerv2.8.5

Read Time:24 Second

Posted by Andrey Stoykov on Oct 28

# Exploit Title: Open Redirect / Reflected XSS – booked-schedulerv2.8.5
# Date: 10/2024
# Exploit Author: Andrey Stoykov
# Version: 2.8.5
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/10/friday-fun-pentest-series-13-reflected.html
https://msecureltd.blogspot.com/2024/10/friday-fun-pentest-series-12-open.html

Open Redirect:

Steps to Reproduce:

1. Login and intercept HTTP request with a proxy such as Burpsuite or ZAP
2….

Read More