ZDI-24-111: Allegra Hard-coded Credentials Authentication Bypass Vulnerability

Read Time:12 Second

This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2023-22360.

chromium-132.0.6834.83-1.fc40

FEDORA-2025-4c65803ea6 Packages in this update: chromium-132.0.6834.83-1.fc40 Update description: Update to 132.0.6834.83 * High CVE-2025-0434: Out of bounds memory access in...

January 16, 2025

chromium-132.0.6834.83-1.fc41

FEDORA-2025-d9219c6a43 Packages in this update: chromium-132.0.6834.83-1.fc41 Update description: Update to 132.0.6834.83 * High CVE-2025-0434: Out of bounds memory access in...

January 16, 2025

chromium-132.0.6834.83-1.el9

FEDORA-EPEL-2025-a5fa82b9fd Packages in this update: chromium-132.0.6834.83-1.el9 Update description: Update to 132.0.6834.83 * High CVE-2025-0434: Out of bounds memory access in...

January 16, 2025

chromium-132.0.6834.83-1.el10_0

FEDORA-EPEL-2025-1b6b7178a7 Packages in this update: chromium-132.0.6834.83-1.el10_0 Update description: Update to 132.0.6834.83 * High CVE-2025-0434: Out of bounds memory access in...

January 16, 2025

CVE-2024-48463

Posted by Rodolfo Tavares via Fulldisclosure on Jan 15 =====[ Tempest Security Intelligence - ADV-10/2024 ]========================== Bruno IDE Desktop prior...

January 16, 2025

CyberDanube Security Research 20250107-0 | Multiple Vulnerabilities in ABB AC500v3

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Jan 15 CyberDanube Security Research 20250107-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities in...

January 16, 2025

EU To Launch New Support Centre by 2026 to Boost Healthcare Cybersecurity

Smashing Security podcast #400: Hacker games, AI travel surveillance, and 25 years of IoT

CISA Launches Playbook to Boost AI Cybersecurity Collaboration

Multi-Cloud Adoption Surges Amid Rising Security Concerns

Chinese PlugX Malware Deleted in Global Law Enforcement Operation

Illicit Crypto-Inflows Set to Top $51bn in a Year

Phishing False Alarm

Fortinet Confirms Critical Zero-Day Vulnerability in Firewalls

Secureworks Exposes North Korean Links to Fraudulent Crowdfunding

ZDI-24-111: Allegra Hard-coded Credentials Authentication Bypass Vulnerability

chromium-132.0.6834.83-1.fc40

chromium-132.0.6834.83-1.fc41

chromium-132.0.6834.83-1.el9

chromium-132.0.6834.83-1.el10_0

CVE-2024-48463

CyberDanube Security Research 20250107-0 | Multiple Vulnerabilities in ABB AC500v3