2279 matches found
About the security content of iOS 17.7.1 and iPadOS 17.7.1
This document describes the security content of iOS 17.7.1 and iPadOS 17.7.1. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...
About the security content of visionOS 2.1
This document describes the security content of visionOS 2.1. About Apple security updates: For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...
.NET 8.0 security update
An update is available for dotnet8.0. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. .NET is a managed-software framework. It implements a subset of the .NET...
CVE-2024-47575
A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4,...
SUSE CVE-2024-47736
In the Linux kernel, the following vulnerability has been resolved: erofs: handle overlapped pclusters out of crafted images properly. syzbot reported a task hang issue due to a deadlock case where it is waiting for the folio lock of a cached folio that will be used for cache I/Os. After looking...
ALSA-2024:7851 Important: .NET 6.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.135 and .NET Runtime 6.0.35...
CVE-2024-47782
WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. Special:WikiDiscover is a special page that lists all wikis on the wiki farm. However, the special page does not make any effort to escape the wiki name or description. Therefore, if a wiki sets its nam...
CVE-2024-47782 Cross-site Scripting (XSS) in Special:WikiDiscover when displaying wiki information in WikiDiscover
WikiDiscover is an extension designed for use with a CreateWiki managed farm to display wikis. Special:WikiDiscover is a special page that lists all wikis on the wiki farm. However, the special page does not make any effort to escape the wiki name or description. Therefore, if a wiki sets its nam...
CVE-2024-9313
Authd PAM module before version 0.3.5 can allow broker-managed users to impersonate any other user managed by the same broker and perform any PAM operation with it, including authenticating as them...
CVE-2024-20365 Cisco Integrated Management Controller Redfish Command Injection Vulnerability
A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to perform command injection attacks on an affected system and elevate privileges to root. This...
Important: Red Hat Bug Fix Advisory: Red Hat Developer Hub 1.3.0 release
Red Hat Developer Hub 1.3.0 has been released. Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single...
Security vulnerability in Cisco UCS B-Series Blade Servers, Cisco UCS Managed C-Series Rack Servers and Cisco UCS X-Series Modular System
Cisco UCS B-Series Blade Servers and others are products of Cisco, Inc. The Cisco UCS B-Series Blade Servers are a UCS B-Series blade server appliance. The Cisco UCS Managed C-Series Rack Servers are a standard form factor server designed to fit in a rack to save space in the data center. The Cisco...
MDR in Action: Preventing The More_eggs Backdoor From Hatching
Trend Micro MDR (Managed Detection and Response) team promptly mitigated a More_eggs infection. Using Vision One, MDR illustrated how Custom Filters/Models and Security Playbook can be used to automate the response to More_eggs and similar threats...
kernel: devres: Fix memory leakage caused by driver API devm_free_percpu()
In the Linux kernel, the following vulnerability has been resolved: devres: Fix memory leakage caused by driver API devm_free_percpu(). It will cause memory leakage when use driver API devm_free_percpu() to free memory allocated by devm_alloc_percpu(), fixed by using devres_release() instead of devres_destroy()...
Expanding the Security Horizon: Introducing Rapid7 MDR for the Extended Ecosystem
As the cybersecurity landscape gets more complex, the stakes for keeping organizations safe have never been higher. Security teams are tasked with keeping ahead of new ransomware groups, rapidly evolving adversary tactics, and their dynamic attack surface as their business grows. Security...
CVE-2024-44133
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15. On MDM managed devices, an app may be able to bypass certain Privacy preferences...