CVE-2024-0794 Certain LaserJet Pro, HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Buffer Overflow, Potential Remote Code Execution

Certain HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to Remote Code Execution due to buffer overflow when rendering fonts embedded in a PDF file...

CVE-2024-0794

HP CVE-2024-0794 affects HP LaserJet Pro, HP Enterprise LaserJet, and HP LaserJet Managed Printers. The issue is a buffer overflow in the CFF/font rendering path when parsing embedded fonts in PDFs, leading to Remote Code Execution. Public sources describe network-adjacent or remote exploitation ...

Certain HP Enterprise LaserJet, HP LaserJet Managed Printers – Potential Buffer Overflow

Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to buffer overflow when using libwebp in Google Chrome or other web browsers. This issue occurs in all versions of libwebp prior to 1.3.2. Update your printer firmware...

ALSA-2024:0827 Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.102 and .NET Runtime 8.0.2...

Important: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.102 and .NET Runtime 8.0.2...

Important: Red Hat Security Advisory: dotnet6.0 security update

An update for dotnet6.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Important: dotnet7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.116 and .NET Runtime 7.0.16...

Important: dotnet7.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.116 and .NET Runtime 7.0.16...

Design/Logic Flaw

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...

CVE-2023-50292

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...

CVE-2023-50292 Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configu...

Security Bulletin: IBM MQ is affected by a vulnerability in the IBM Runtime Environment, Java Technology Edition.

Summary An issue was identified with IBM Runtime Environment, Java Technology Edition, Version 8 which is shipped with IBM MQ for Solaris. Vulnerability Details CVEID:CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to...

Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer

CVE-2024-0204: Authentication Bypass in GoAnywhere MFT Script...

Cisco Small Business Series Switches Stacked Reload ACL Bypass (cisco-sa-sb-bus-acl-bypass-5zn9hNJk)

A vulnerability with the access control list ACL management within a stacked switch configuration of Cisco Business 250 Series Smart Switches and Business 350 Series Managed Switches could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected...

The vulnerability of the Fortra (HelpSystems) GoAnywhere MFT application for secure file transfer, related to security mechanism errors, allows attackers to escalate their privileges.

The vulnerability of the Fortra HelpSystems GoAnywhere MFT application for secure file transfer is related to security mechanism errors. Exploiting this vulnerability allows a malicious actor to enhance their privileges by creating a user administrator through the administration portal...

Exploit for Forced Browsing in Fortra Goanywhere_Managed_File_Transfer

It is an exploit module targeting the GoAnywhere MFT vulnerabili...

Fortra GoAnywhere Managed File Transfer (MFT) < 7.4.1 Authentication Bypass (CVE-2024-0204)

Binary data fortragoanywheremftCVE-2024-0204.nbin...

ThreatDown earns highest ratings across EDR and MDR categories in G2 Winter 2024 results

The peer-to-peer review source G2 has released its Winter 2024 reports, ranking ThreatDown products on top across several Endpoint Detection and Response EDR and Managed Detection and Response MDR categories. Based on verified customer reviews, ThreatDown EDR was voted a Leader in the overall and...

Important: Red Hat Security Advisory: .NET 8.0 security update

An update for .NET 8.0 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

ALSA-2024:0156 Important: .NET 6.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.126 and .NET Runtime 6.0.26...