Mautic 安全漏洞

Mautic is an open source marketing automation software from Mautic Open Source. The software monitors and manages websites, sends emails and manages customer resources. A security vulnerability exists in Mautic that stems from the presence of a server-side request forgery SSRF vulnerability, whic...

CVE-2024-40825

The issue was addressed with improved checks. This issue is fixed in visionOS 2, macOS Sequoia 15. A malicious app with root privileges may be able to modify the contents of system files...

CVE-2024-40825

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, visionOS 2. A malicious app with root privileges may be able to modify the contents of system files...

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS version 15, which originates from a malicious application with root privileges that may be able to modify the contents of system files...

CVE-2024-40825

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, visionOS 2. A malicious app with root privileges may be able to modify the contents of system files...

CVE-2024-40825

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15, visionOS 2. A malicious app with root privileges may be able to modify the contents of system files...

CVE-2024-40825

CVE-2024-40825 affects Apple Vision Pro’s visionOS (APFS) and macOS Sequoia; root cause described as inadequate checks that could let a malicious, root-privileged app modify system files. Official sources confirm fixes in visionOS 2 and macOS Sequoia 15. Practical impact is local privilege abuse ...

CVE-2024-8778

OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality, allowing remote attackers with regular privileges to read arbitrary system files...

CVE-2024-8778

OMFLOW from The SYSCOM Group does not properly validate user input of the download functionality, allowing remote attackers with regular privileges to read arbitrary system files...

CVE-2024-8778

CVE-2024-8778 concerns OMFLOW by The SYSCOM Group. The Connected documents specify that the vulnerability arises from improper validation of user input in the download functionality, enabling remote attackers with regular privileges to read arbitrary system files. Affected product is OMFLOW; impa...

Smart HMI WebIQ 安全漏洞

Smart HMI WebIQ is a web-based HMI system from Smart HMI, Inc. A security vulnerability exists in Smart HMI WebIQ version 2.15.9 that stems from being affected by a directory traversal vulnerability that allows a remote attacker to read any file on the system...

PT-2024-29081 · Apple · Visionos +2

Name of the Vulnerable Software and Affected Versions: visionOS versions prior to 2 macOS Sequoia versions prior to 15 Description: A malicious app with root privileges may be able to modify the contents of system files due to inadequate checks. The issue was addressed with improved checks...

About the security content of macOS Sequoia 15

About the security content of macOS Sequoia 15 This document describes the security content of macOS Sequoia 15. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

PT-2024-39244 · Syscom · Omflow

Name of the Vulnerable Software and Affected Versions: OMFLOW from The SYSCOM Group affected versions not specified Description: The issue is related to the download functionality in OMFLOW, which does not properly validate user input. This allows remote attackers with regular privileges to read...

CVE-2024-8585

Orca HCM from LEARNING DIGITA does not properly restrict a specific parameter of the file download functionality, allowing a remote attacker with regular privileges to download arbitrary system files...

CVE-2024-8585

Orca HCM from LEARNING DIGITA does not properly restrict a specific parameter of the file download functionality, allowing a remote attacker with regular privileges to download arbitrary system files...

CVE-2024-8585

The CVE-2024-8585 issue is a path-traversal vulnerability in Learning Digital’s Orca HCM file-download function, where a parameter is not properly restricted. This permits a remote attacker with regular privileges to download arbitrary system files. Affected software: Orca HCM from LEARNING DIGIT...

LearningDigital Orca HCM 路径遍历漏洞

LearningDigital Orca HCM is a digital learning platform from China-based LearningDigital. A path traversal vulnerability exists in LearningDigital Orca HCM versions prior to 11.0, which arises from improperly restricting certain parameters of the file download function, allowing a remote attacker...

CVE-2024-20506

A vulnerability in the ClamD service module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt...

AZL-48624 CVE-2024-20506 affecting package clamav for versions less than 1.0.7-1

A vulnerability in the ClamD service module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt...