This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The ZDI has assigned a CVSS rating of 7.2. The following CVEs are assigned: CVE-2024-22504.
More Stories
APPLE-SA-01-27-2025-9 Safari 18.3
Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-9 Safari 18.3 Safari 18.3 addresses the following issues. Information...
APPLE-SA-01-27-2025-8 tvOS 18.3
Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-8 tvOS 18.3 tvOS 18.3 addresses the following issues. Information...
APPLE-SA-01-27-2025-7 watchOS 11.3
Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-7 watchOS 11.3 watchOS 11.3 addresses the following issues. Information...
APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3
Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-6 macOS Ventura 13.7.3 macOS Ventura 13.7.3 addresses the following...
APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3
Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-5 macOS Sonoma 14.7.3 macOS Sonoma 14.7.3 addresses the following...
APPLE-SA-01-27-2025-4 macOS Sequoia 15.3
Posted by Apple Product Security via Fulldisclosure on Jan 27 APPLE-SA-01-27-2025-4 macOS Sequoia 15.3 macOS Sequoia 15.3 addresses the following...