This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the Hydra library is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
Category Archives: Advisories
ZDI-23-843: (Pwn2Own) Samsung Galaxy S22 McsWebViewActivity Permissive List of Allowed Inputs Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S22 smartphones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-23-842: VMware Aria Operations for Networks exportPDF Code Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of VMware Aria Operations for Networks. Authentication is required to exploit this vulnerability.
ZDI-23-841: VMware Aria Operations for Networks getNotifiedEvents Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Aria Operations for Networks. Authentication is required to exploit this vulnerability.
ZDI-23-840: VMware Aria Operations for Networks createSupportBundle Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Aria Operations for Networks. Authentication is not required to exploit this vulnerability.
ZDI-23-839: NETGEAR RAX30 cmsCli_authenticate Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
ZDI-23-838: NETGEAR RAX30 Use of Hard-coded Credentials Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
ZDI-23-837: NETGEAR RAX30 USB Share Link Following Information Disclosure Vulnerability
This vulnerability allows physically present attackers to disclose sensitive information on affected installations of NETGEAR RAX30 routers. Authentication is not required to exploit this vulnerability.
mariadb-10.5.20-1.fc38
FEDORA-2023-381f23a0ae
Packages in this update:
mariadb-10.5.20-1.fc38
Update description:
MariaDB 10.5.20
Release notes:
mariadb-10.5.20-1.fc37
FEDORA-2023-b4ff407364
Packages in this update:
mariadb-10.5.20-1.fc37
Update description:
MariaDB 10.5.20
Release notes: