edk2: Temporary DoS vulnerability

A divide-by-zero vulnerability was found in edk2. A successful exploit of this vulnerability may lead to a loss of availability...

Microsoft Security Update Validation Report August 2024

Microsoft’s August 2024 security updates have passed Citrix testing the updates are listed below. The testing is not all-inclusive; all tests are executed against English only environments and issues may still be found upon implementation. Follow best practices for testing and installing software...

RUSTSEC-2024-0363 Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts

The following presentation at this year's DEF CON was brought to our attention on the SQLx Discord: SQL Injection isn't Dead: Smuggling Queries at the Protocol Level Archive link for posterity. Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to overflow,...

SUSE: Security Advisory (SUSE-SU-2024:2900-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-42438

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access...

CVE-2024-42437

Buffer overflow in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow an authenticated user to conduct a denial of service via network access...

CVE-2024-42434

Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access...

CVE-2024-42435

Sensitive information disclosure in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access...

CVE-2024-39824

Missing authorization in some Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers may allow a privileged user to conduct an information disclosure via network access...

CVE-2024-39818

Protection mechanism failure for some Zoom Workplace Apps and SDKs may allow an authenticated user to conduct information disclosure via network access...

Exploit for Out-of-bounds Write in Microsoft

Windows DWM Core Library Elevation of Privilege Vulnerability...

Zoom多款产品 安全漏洞

Zoom Rooms and others are products of Zoom Corporation, USA.Zoom Rooms is a software-based conferencing system.Zoom Meeting SDK is a development kit.Zoom Workplace is a desktop application software. A security vulnerability exists in a number of Zoom products. An attacker exploiting this...

PT-2024-29943 · Zoom · Zoom Sdks +3

Name of the Vulnerable Software and Affected Versions: Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers affected versions not specified Description: The issue allows a privileged user to conduct an information disclosure via network access. This affects some Zoom Workplace Apps,...

Exploit for Improper Restriction of XML External Entity Reference in Adobe Commerce

CVE-2024-34102 ★ Thanks to @th3gokul, Sanjaith3hacker, Chocapi...

PT-2024-29946 · Zoom · Zoom Sdks +3

Name of the Vulnerable Software and Affected Versions: Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers affected versions not specified Description: A buffer overflow issue may allow an authenticated user to conduct a denial of service via network access. This issue affects some Zo...

PT-2024-28685 · Zoom · Zoom Sdks +3

Name of the Vulnerable Software and Affected Versions: Zoom Workplace Apps, SDKs, Rooms Clients, and Rooms Controllers affected versions not specified Description: The issue allows a privileged user to conduct an information disclosure via network access. This is related to sensitive information...

Fedora: Security Advisory (FEDORA-2024-4fcf85b0ff)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 39 Update: nss-3.103.0-1.fc39

Network Security Services NSS is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS 5, PKCS 7, PKCS 11, PKCS 12, S/MIME, X.509 v3 certificates, and other security...

SUSE: Security Advisory (SUSE-SU-2024:2868-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-38202

Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security VBS. However, an...