ZDI-24-1214: Ivanti Endpoint Manager GetVulnerabilitiesDataTable SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The ZDI...
ZDI-24-1213: Ivanti Endpoint Manager loadMouseTable SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is required to exploit this vulnerability. The ZDI...
ZDI-24-1212: Ivanti Endpoint Manager ImportXml XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Endpoint Manager. Authentication is not required to exploit this vulnerability. The...
ZDI-24-1211: Ivanti Endpoint Manager WasPreviouslyMapped SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. User interaction is required to exploit this vulnerability in...
frr-8.5.5-2.fc39
FEDORA-2024-2fff2b9a18 Packages in this update: frr-8.5.5-2.fc39 Update description: Fix for CVE-2024-44070 Read More
USN-6998-1: Unbound vulnerabilities
It was discovered that Unbound incorrectly handled string comparisons, which could lead to a NULL pointer dereference. An attacker could potentially use this issue to...
DSA-5768-1 chromium – security update
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. https://security-tracker.debian.org/tracker/DSA-5768-1 Read More
KL-001-2024-012: VICIdial Authenticated Remote Code Execution
Posted by KoreLogic Disclosures via Fulldisclosure on Sep 10 KL-001-2024-012: VICIdial Authenticated Remote Code Execution Title: VICIdial Authenticated Remote Code Execution Advisory ID: KL-001-2024-012 Publication...
KL-001-2024-011: VICIdial Unauthenticated SQL Injection
Posted by KoreLogic Disclosures via Fulldisclosure on Sep 10 KL-001-2024-011: VICIdial Unauthenticated SQL Injection Title: VICIdial Unauthenticated SQL Injection Advisory ID: KL-001-2024-011 Publication Date: 2024-09-10...
frr-9.1.1-2.fc40
FEDORA-2024-1b36a483cc Packages in this update: frr-9.1.1-2.fc40 Update description: Fix for CVE-2024-44070 Read More