19 matches found
CVE-2022-1701
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data...
CVE-2024-4892 BuddyPress <= 12.4.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting
The BuddyPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘displayname’ parameter in versions up to, and including, 12.4.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level permissio...
CVE-2023-51717
Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass...
PT-2024-14257 · Dataiku · Dataiku Dss
Name of the Vulnerable Software and Affected Versions: Dataiku DSS versions prior to 11.4.5 Dataiku DSS versions prior to 12.4.1 Description: The issue is related to Incorrect Access Control, which could lead to a full authentication bypass. Recommendations: For versions prior to 11.4.5, update t...
CVE-2023-21618
Adobe Substance 3D Designer version 12.4.1 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
Adobe Substance 3D Designer Buffer Error Vulnerability
Adobe Substance 3D Designer is a 3D design software from the American company Adobe. A buffer overflow vulnerability exists in Adobe Substance 3D Designer 12.4.1 and prior versions, which originates from a boundary error when the application processes untrusted input. A remote attacker...
CVE-2023-21618 ZDI-CAN-20963: Adobe Substance 3D Designer SBS File Parsing Uninitialized Variable Remote Code Execution Vulnerability
Adobe Substance 3D Designer version 12.4.1 and earlier is affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2019-25071 Apple iOS Siri Self privileges management
A vulnerability was found in Apple iPhone up to 12.4.1. It has been declared as critical. Affected by this vulnerability is Siri. Playing an audio or video file might be able to initiate Siri on the same device which makes it possible to execute commands remotely. Exploit details have been...
CVE-2022-22282
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability...
SonicWall SMA1000 series Trust Management Issue Vulnerability
The SonicWall SMA1000 series is a family of secure mobile access solutions from SonicWall USA, Inc. that simplifies end-to-end secure remote access to enterprise resources hosted across local, cloud and hybrid data centers. A security vulnerability exists in SonicWall SMA1000 series firmware version...
Apple iOS/tvOS/iPadOS/watchOS/macOS Multiple Memory Corruption Vulnerabilities
Description Apple iOS/tvOS/iPadOS/watchOS/macOS are prone to multiple memory-corruption vulnerabilities. Successfully exploiting these issues allows attackers to execute arbitrary code in the context of current user running the affected application. Failed exploits will result in denial-of-servic...
Apple TV < 12.4.1 A Use-After-Free Vulnerability
According to its banner, the version of Apple TV on the remote device is prior to 12.4.1. It is therefore affected by a use-after-free vulnerability as described in the HT210550 (C) Tenable Network Security, Inc. include('compat.inc'); if (description) { script_id(131702); script_version("1.6");...
iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption (PoC)
Exploit Title: iOS IOUSBDeviceFamily 12.4.1 - 'IOInterruptEventSource' Heap Corruption PoC Date: 2019-10-29 Exploit Author: Sem Voigtlander, Joshua Hill and Raz Mashat Vendor Homepage: https://apple.com/ Software Link: https://support.apple.com/en-hk/HT210606 Version: iOS 13 Tested on: iOS 12.4.1...
iOS < 12.4.1 - 'Jailbreak' Local Privilege Escalation
Exploit Title: SockPuppet 3 Date: September 8, 2019 Exploit Author: Umang Raghuvanshi Vendor Homepage: https://apple.com Software Link: https://ipsw.me/ Version: iOS 11.0—12.2, iOS 12.4 Tested on: iOS 11.0—12.2, iOS 12.4 CVE: CVE-2019-8605 This is an alternative and complete exploit for...
About the security content of iOS 12.4.1 - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...
Apple Releases iOS 12.4.1 Emergency Update to Patch 'Jailbreak' Flaw
Apple just patched an unpatched flaw that it patched previously but accidentally unpatched recently — did I confuse you? Let's try it again... Apple today finally released iOS 12.4.1 to fix a critical jailbreak vulnerability, like it or not, that was initially patched by the company in iOS 12.3 b...
Apple Releases Multiple Security Updates
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review the App...
About the security content of tvOS 12.4.1
About the security content of tvOS 12.4.1 This document describes the security content of tvOS 12.4.1 About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
Apple iOS < 12.4.1 Privilege Escalation Vulnerability
Binary data appleios1241check.nbin...