Snapdragon Auto, Snapdragon Mobile Security Vulnerabilities

CVE-2024-29999 Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

CVE-2024-29998 Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

CVE-2024-29998 Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

CVE-2024-29997 Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

CVE-2024-29997 Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

CVE-2024-4737

A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/vendor. The manipulation of the argument company_name/mobile leads to cross site scripting. It is possible to initiate the attack...

CVE-2024-4737

A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/vendor. The manipulation of the argument company_name/mobile leads to cross site scripting. It is possible to initiate the attack...

CVE-2024-22064

ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are leaked or cracked,...

CVE-2024-22064

ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are leaked or cracked,...

Exploit for CVE-2024-27956

WordPress Admin Account Creation and Reverse Shell...

Exploit for CVE-2024-27956

WordPress Admin Account Creation and Reverse Shell...

CVE-2023-37526

HCL DRYiCE Lucy (now AEX) is affected by a Cross Origin Resource Sharing (CORS) vulnerability. The mobile app is vulnerable to a CORS misconfiguration which could potentially allow unauthorized access to the application resources from any web domain and enable cache poisoning...

CVE-2023-37526

HCL DRYiCE Lucy (now AEX) is affected by a Cross Origin Resource Sharing (CORS) vulnerability. The mobile app is vulnerable to a CORS misconfiguration which could potentially allow unauthorized access to the application resources from any web domain and enable cache poisoning...

Talos joins CISA to counter cyber threats against non-profits, activists and other at-risk communities

Cisco Talos is delighted to share updates about our ongoing partnership with the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to combat cybersecurity threats facing civil society organizations. Talos has partnered with CISA on several initiatives through the Joint Cyber Defense...

Microsoft Intune for Android Mobile Application Management Tampering Vulnerability

...

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

May 14, 2024—KB5037770 (OS Build 22000.2960)

May 14, 2024—KB5037770 (OS Build 22000.2960) For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 21H2, see its update history page. Note Follow @WindowsUpdate to find out...

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

...

Intel Graphics Command Center Service Software May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Graphics Command Center Service software (bundled in some Intel® Graphics Windows DCH driver software), which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential...

Intel BIOS Guard and PPAM Firmware May 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® BIOS Guard and Platform Properties Assessment Module (PPAM) firmware, which might allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Intel has released updates...

HP Sure Admin Security Update

A potential security vulnerability has been identified in certain HP PC products using HP Sure Admin, which might allow escalation of privilege. HP is releasing mitigation for the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that...

Intel Arc™ & Iris® Xe Graphics Software May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Arc™ & Iris® Xe Graphics software which may allow escalation of privilege. Intel is releasing updates to mitigate the potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP has...

KB5037782: Windows 2022 / Azure Stack HCI 22H2 Security Update (May 2024)

The remote Windows host is missing security update 5037782 or Azure HotPatch 5037848. It is, therefore, affected by multiple vulnerabilities: Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040) Windows Common Log File System Driver Elevation of Privilege...

Intel PROSet/Wireless WiFi and Bluetooth May 2024 Security Update

Intel has informed HP of potential security vulnerabilities in some Intel® PROSet/Wireless WiFi and Bluetooth® products, which might allow denial of service. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. Intel has released updates to mitigate the...

KB5037765: Windows 10 version 1809 / Windows Server 2019 Security Update (May 2024)

The remote Windows host is missing security update 5037765 or 5039705. It is, therefore, affected by multiple vulnerabilities Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040) Windows Common Log File System Driver Elevation of Privilege Vulnerability...

KB5037771: Windows 11 version 22H2 / Windows 11 version 23H2 Security Update (May 2024)

The remote Windows host is missing security update 5037771. It is, therefore, affected by multiple vulnerabilities Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040) Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2024-29996, ...

KB5037770: Windows 11 version 21H2 Security Update (May 2024)

The remote Windows host is missing security update 5037770. It is, therefore, affected by multiple vulnerabilities Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040) Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2024-29996, ...

KLA67433 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, bypass security restrictions. Below is a complete list of vulnerabilities: A remote code...

Rocky Linux 9 : golang (RLSA-2024:2562)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2562 advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames....

KB5037768: Windows 10 Version 21H2 / Windows 10 Version 22H2 Security Update (May 2024)

The remote Windows host is missing security update 5037768. It is, therefore, affected by multiple vulnerabilities Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040) Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2024-29996, ...

Rocky Linux 9 : libreswan (RLSA-2024:2565)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:2565 advisory. The Libreswan Project was notified of an issue causing libreswan to restart under some IKEv2 retransmit scenarios when a connection is configured to use...

KB5037781: Windows 11 version 22H2 / Windows Server version 23H2 Security Update (May 2024)

The remote Windows host is missing security update 5037781. It is, therefore, affected by multiple vulnerabilities Windows MSHTML Platform Security Feature Bypass Vulnerability (CVE-2024-30040) Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2024-29996, ...

Intel Thunderbolt Driver May 2024 Security Update

Intel has informed HP of a potential security vulnerability in some Intel® Thunderbolt driver software, which might allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Intel has released updates to mitigate the potential vulnerability. HP...

Why car location tracking needs an overhaul

Across America, survivors of domestic abuse and stalking are facing a unique location tracking crisis born out of policy failure, unclear corporate responsibility, and potentially risky behaviors around digital sharing that are now common in relationships. No, we’re not talking about stalkerware......

Unbreakable Enterprise kernel-container security update

[5.4.17-2136.331.7.el7] - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' (Siddh Raman Pant) - Revert 'selftests: mm: fix map_hugetlb failure on 64K page size systems' (Harshit Mogalapalli) [Orabug: 36584568] - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port'...

Unbreakable Enterprise kernel security update

[4.14.35-2047.536.5] - mmc: core: Fix switch on gp3 partition (Dominique Martinet) - Revert 'Revert 'md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d'' (Song Liu) - mm/memory-failure: fix an incorrect use of tail pages (Liu Shixin) - Revert 'x86/mm/ident_map: Use gbpages only where full GB page...

Apple iOS < 17.5 Multiple Vulnerabilities (HT214101)

The version of Apple iOS running on the mobile device is prior to 17.5. It is, therefore, affected by multiple...

Unbreakable Enterprise kernel security update

[5.4.17-2136.331.7] - Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' (Siddh Raman Pant) - Revert 'selftests: mm: fix map_hugetlb failure on 64K page size systems' (Harshit Mogalapalli) [Orabug: 36584568] - Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port'...

Kemp LoadMaster Local sudo Privilege Escalation

...

Kemp LoadMaster Local sudo Privilege Escalation Exploit

This Metasploit module abuses a feature of the sudo command on Progress Kemp LoadMaster. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. Some files have this permission are not write-protected from the default bal user. As such,.....

Apple iOS < 16.7.8 Multiple Vulnerabilities (HT214100)

The version of Apple iOS running on the mobile device is prior to 16.7.8. It is, therefore, affected by multiple...