MiracleLinux 9 : rpm-ostree-2024.3-3.el9_4 (AXSA:2024-8423:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8423:04 advisory. rpm-ostree: world-readable /etc/shadow file 9.4.z JIRA:RHEL-31852 CVE-2024-2905 A security vulnerability has been discovered within rpm-ostree, pertaining to...

Vulnerability fixed in Ivanti Neurons for ITSM

Ivanti has fixed a vulnerability in Ivanti Neurons On-prem for ITSM Versions for 2023.4, 2024.2, and 2024.3 The vulnerability involves a critical authentication bypass that allows remote, unauthenticated attackers to gain administrative access. This could lead to unauthorized actions within the...

IntelliJ IDEA < 2024.2.4 / 2024.3 (macOS)

The version of IntelliJ IDEA installed on the remote host is prior to 2024.2.4, 2024.3. It is, therefore, affected by a vulnerability as referenced in the advisory. - In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file CVE-2025-32054 Note that Nessu...

CVE-2025-32054

In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file...

Intel GPA 安全漏洞

Intel GPA is a tool for graphical application analysis from Intel Corporation USA. A security vulnerability exists in Intel GPA versions prior to 2024.3, which stems from incorrect default permissions that could allow authenticated users to enable privilege escalation via local access...

Intel GPA 访问控制错误漏洞

Intel GPA is a tool for graphical application analysis from Intel Corporation USA. An access control error vulnerability exists in Intel GPA versions prior to 2024.3 that stems from improper access control and could allow an authenticated user to enable denial of service via local access...

PT-2025-6679 · Intel · Intel(R) Gpa

Name of the Vulnerable Software and Affected Versions: IntelR GPA versions prior to 2024.3 Description: The issue is related to improper access control in IntelR GPA software, which may allow an authenticated user to potentially enable denial of service via local access. Recommendations: For...

CVE-2025-24457

In JetBrains YouTrack before 2024.3.55417 permanent tokens could be exposed in logs...

PRIMX ZED 安全漏洞

PRIMX ZED is a suite of sensitive data encryption software from PRIMX Corporation. A security vulnerability exists in PRIMX ZED Enterprise version 2024.3 and prior versions. An attacker could exploit the vulnerability to manipulate technical files stored in a local folder with normal user access...

CVE-2024-11598

Under specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allows a local authenticated attacker to achieve local privilege escalation...

PT-2024-17128 · Ivanti · Ivanti Application Control

Name of the Vulnerable Software and Affected Versions: Ivanti Application Control versions prior to 2024.3 HF1 Ivanti Application Control versions prior to 2024.1 HF2 Ivanti Application Control versions prior to 2023.3 HF3 Description: Under specific circumstances, insecure permissions in Ivanti...

JetBrains WebStorm < 2024.3 Code Execution

The version of JetBrains WebStorm installed on the remote host is prior to 2024.3 . It is, therefore, affected by a code execution vulnerability as referenced in the vendor advisory. Code Execution can occur in Untrusted Project mode via specifically constructed type definitions in the installer...

PRIMX CRYHOD 安全漏洞

PRIMX CRYHOD is a PRIMX company used to enable companies to protect employee devices taken off premises in accordance with global management policies. A security vulnerability exists in PRIMX CRYHOD 2024.3 and earlier versions, which stems from the fact that by default dedicated folders can be...

PRIMX ORIZON 安全漏洞

PRIMX ORIZON is a multi-platform software from PRIMX Corporation that encrypts files and folders stored at a cloud service provider. A security vulnerability exists in PRIMX ORIZON version 2024.3 and earlier, which stems from the fact that by default dedicated folders can be accessed by other use...

PRIMX ZEDMAIL 安全漏洞

PRIMX ZEDMAIL is an enterprise messaging application encryption solution from PRIMX Corporation. A security vulnerability exists in PRIMX ZEDMAIL version 2024.3 and earlier, which stems from the fact that by default dedicated folders can be accessed by other users to misuse technical files and...

PT-2024-9030 · Jetbrains · Webstorm

Name of the Vulnerable Software and Affected Versions: JetBrains WebStorm versions prior to 2024.3 Description: The issue in JetBrains WebStorm is related to the Untrusted Project Mode, where a flaw allows the loading of external untrusted data alongside trusted data. This can enable an attacker ...

PT-2024-6538 · Foxit · Foxit Pdf Reader +1

Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader versions prior to 2024.3 Foxit PDF Editor versions prior to 2024.3 and 13.x prior to 13.1.4 Description: The issue is related to errors in access control, allowing an attacker to replace an update file with a Trojan horse via...

PT-2024-7629 · Sophos · Sophos Intercept X

Name of the Vulnerable Software and Affected Versions: Sophos Intercept X for Windows with Central Device Encryption versions 2024.2.0 and earlier Description: A local privilege escalation vulnerability in Sophos Intercept X for Windows with Central Device Encryption allows writing of arbitrary...

SolarWinds Access Rights Manager Deserialization Vulnerability

SolarWinds Access Rights Manager is a lightweight review management system from SolarWinds. A deserialization vulnerability exists in versions of SolarWinds Access Rights Manager prior to 2024.3, which arises from unsafe deserialization processing of serialized data received by the application fr...

SolarWinds Access Rights Manager 代码问题漏洞

SolarWinds Access Rights Manager is a lightweight review management system from SolarWinds. A deserialization vulnerability exists in versions of SolarWinds Access Rights Manager prior to 2024.3, which arises from unsafe deserialization processing of serialized data received by the application fr...