CVE-2024-44133

CVE-2024-44133 affects macOS on MDM-managed devices. An app could bypass certain Privacy preferences. Apple fixed the issue in macOS Sequoia 15 by removing the vulnerable code. The CVSS base score is 5.5 (Local, Low attack complexity, Low privileges, No user interaction; Impact: Confidentiality n...

Security Bulletin: IBM Managed System Services for i and IBM System Management for i are vulnerable to a local user gaining elevated privilege due to unqualified library calls [CVE-2024-38330].

Summary IBM Managed System Services for i and IBM System Management for i are vulnerable to a local user gaining elevated privilege due to programs making unqualified library calls as described in the vulnerability details section. This bulletin identifies the steps to take to address the...

CVE-2024-45104

Summary: CVE-2024-45104 affects Lenovo XClarity Administrator (LXCA). A valid, authenticated LXCA user who does not have sufficient privileges may exploit the system by using a device identifier to modify an LXCA-managed device through a specially crafted Web API call. This implies an elevation o...

CVE-2024-45104

A valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device through a specially crafted web API call...

PT-2024-31434 · Lenovo · Lxca

Name of the Vulnerable Software and Affected Versions: LXCA affected versions not specified Description: A valid, authenticated LXCA user without sufficient privileges may be able to use the device identifier to modify an LXCA managed device through a specially crafted web API call...

drm/i915/hwmon: Get rid of devm

...

Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Denial of Service

Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to denial of service when using a wireless accessory connected to devices running Linux. Update your printer firmware...

CVE-2024-8320

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to spoof Network Isolation status of managed devices...

CVE-2024-8321

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to isolate managed devices from the network...

CVE-2024-8321

CVE-2024-8321 affects Ivanti Endpoint Manager (EPM) and involves missing authentication in Network Isolation, enabling a remote unauthenticated attacker to isolate managed devices from the network. Public references cite the vulnerability as present in EPM before 2022 SU6 and/or the 2024 Septembe...

CVE-2024-8321

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to isolate managed devices from the network...

CVE-2024-8321

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to isolate managed devices from the network...

CVE-2024-8320

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to spoof Network Isolation status of managed devices...

CVE-2024-8320

Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to spoof Network Isolation status of managed devices...

Ivanti EPM 安全漏洞

Ivanti EPM is a one-stop shop for managing user profiles and all client devices from Ivanti USA. A security vulnerability exists in Ivanti EPM that stems from the inclusion of a missing authentication issue in network isolation. An unauthenticated remote attacker exploiting this vulnerability cou...

Our 4 Essential Strategy Takeaways from the Gartner® 2024 Report – How to Prepare for Ransomware Attacks

As ransomware threats continue to evolve, security and risk management leaders must stay ahead by adopting comprehensive strategies to protect their organizations. The 2024 Gartner report, “How to Prepare for Ransomware Attacks”, provides critical insights into the latest tactics used by bad acto...

SUSE CVE-2024-44967

In the Linux kernel, the following vulnerability has been resolved: drm/mgag200: Bind I2C lifetime to DRM device Managed cleanup with devmaddactionorreset will release the I2C adapter when the underlying Linux device goes away. But the connector still refers to it, so this cleanup leaves behind a...

DEBIAN-CVE-2024-44967

In the Linux kernel, the following vulnerability has been resolved: drm/mgag200: Bind I2C lifetime to DRM device Managed cleanup with devmaddactionorreset will release the I2C adapter when the underlying Linux device goes away. But the connector still refers to it, so this cleanup leaves behind a...

UBUNTU-CVE-2024-44967

In the Linux kernel, the following vulnerability has been resolved: drm/mgag200: Bind I2C lifetime to DRM device Managed cleanup with devmaddactionorreset will release the I2C adapter when the underlying Linux device goes away. But the connector still refers to it, so this cleanup leaves behind a...

CVE-2024-44967 drm/mgag200: Bind I2C lifetime to DRM device

In the Linux kernel, the following vulnerability has been resolved: drm/mgag200: Bind I2C lifetime to DRM device Managed cleanup with devmaddactionorreset will release the I2C adapter when the underlying Linux device goes away. But the connector still refers to it, so this cleanup leaves behind a...