ZDI-24-1333: NVIDIA Onyx Directory Traversal Remote Code Execution Vulnerability

Read Time:13 Second

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NVIDIA Onyx switches. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-0113.

firefox-131.0.2-1.fc39

FEDORA-2024-f109ae6fc7 Packages in this update: firefox-131.0.2-1.fc39 Update description: Updated to latest upstream (131.0.2) Read More

October 9, 2024

firefox-131.0.2-1.fc41

FEDORA-2024-d85494e836 Packages in this update: firefox-131.0.2-1.fc41 Update description: Updated to latest upstream (131.0.2) Read More

October 9, 2024

USN-7059-1: OATH Toolkit vulnerability

Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite...

October 9, 2024

USN-7043-4: cups-filters vulnerabilities

USN-7043-1 fixed vulnerabilities in cups-filters. This update improves the fix for CVE-2024-47176 by removing support for the legacy CUPS printer...

October 9, 2024

USN-7042-2: cups-browsed vulnerability

USN-7042-1 fixed a vulnerability in cups-browsed. This update improves the fix by removing support for the legacy CUPS printer discovery...

October 9, 2024

Ivanti CSA (Cloud Services Appliance) zero-day Attack

What is the Attack?Attackers are actively exploiting multiple zero-day vulnerabilities affecting Ivanti CSA (Cloud Services Appliance) that could lead an...

October 9, 2024

Lamborghini Carjackers Lured by $243M Cyberheist

Apple’s iPhone Mirroring Flaw Exposes Employee Privacy Risks

New BeaverTail Malware Targets Job Seekers via Fake Recruiters

New Generation of Malicious QR Codes Uncovered by Researchers

UK Launches New Competition to Spur Cybersecurity Careers

Auto-Identification Smart Glasses

Australia Introduces First Standalone Cybersecurity Law

Enhancing Cyber Resilience in the Financial Services Industry

New EU Body to Centralize Complaints Against Facebook, TikTok, YouTube

ZDI-24-1333: NVIDIA Onyx Directory Traversal Remote Code Execution Vulnerability

firefox-131.0.2-1.fc39

firefox-131.0.2-1.fc41

USN-7059-1: OATH Toolkit vulnerability

USN-7043-4: cups-filters vulnerabilities

USN-7042-2: cups-browsed vulnerability

Ivanti CSA (Cloud Services Appliance) zero-day Attack