PT-2024-10597 · Qualcomm · Snapdragon +6

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: Information disclosure is possible during audio playback. This issue may allow the disclosure of information while audio is being played. Recommendations: At the moment, there is no...

PT-2024-10124

Name of the Vulnerable Software and Affected Versions rsync affected versions not specified Description The issue is related to rsync, a software used for synchronizing files across different systems. It allows a server to enumerate the contents of an arbitrary file from the client's machine by...

PT-2024-24053 · Aiphone · Aiphone Ixg System

Name of the Vulnerable Software and Affected Versions: AIPHONE IX SYSTEM affected versions not specified AIPHONE IXG SYSTEM affected versions not specified Description: A network-adjacent authenticated attacker may execute an arbitrary OS command with root privileges by sending a specially crafte...

PT-2024-31621 · Zoom · Zoom Apps

Name of the Vulnerable Software and Affected Versions: Zoom Apps affected versions not specified Description: The issue is related to improper input validation in some Zoom Apps, which may allow an unauthenticated user to disclose information via network access. Recommendations: At the moment,...

PT-2024-19215 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The issue is related to a user's mental health breaker being triggered due to excessive stupidity, resulting in temporary disabling of Twitter access. Recommendations: At the...

Read from host file system via ImagePromptTemplate in langchain-core

Description You can create langchaincore.prompts.ImagePromptTemplate's and by extension the langchaincore.prompts.ChatPromptTemplate's with input variables that make it possible for the prompt template to read any user-specified path from the server file system. If the outputs of the prompt...

The vulnerability of the Packet Forwarding Engine (PFE) module of the Junos OS Evolved operating system, which allows a hacker to trigger a service failure.

The vulnerability of the Packet Forwarding Engine PFE module in the Junos OS Evolved operating system is related to insufficient channel constraints for specified endpoints. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

PT-2024-32492 · Dell · Dell Powerflex Manager

Name of the Vulnerable Software and Affected Versions: Dell PowerFlex Manager affected versions not specified Description: A security issue has been identified in Dell PowerFlex Manager, where sensitive information is stored in cleartext. Recommendations: At the moment, there is no information...

Mitsubishi Electric CNC Series (Update C)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely Vendor : Mitsubishi Electric Equipment : CNC Series Vulnerability : Improper Validation of Specified Quantity in Input 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated remote...

PT-2024-7177 · Microsoft · Exchange Server

Name of the Vulnerable Software and Affected Versions: Microsoft Exchange Server affected versions not specified Description: The issue is related to a lack of protection for service data in Microsoft Exchange Server, which can be exploited to disclose protected information. Recommendations: At t...

PT-2024-23193 · Hcl +1 · Bigfix Platform

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: A dynamic search for a prerequisite library could allow the possibility for an attacker to replace the correct file under some circumstances. The issue...

Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates

Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 5.0.21 LTS, 12.0.4 LTS and 12.4.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported...

PT-2024-6728 · Microsoft · Office Visio

Name of the Vulnerable Software and Affected Versions: Microsoft Office Visio affected versions not specified Description: The issue is related to a lack of warning about dangerous actions in the Microsoft Office Visio graphic editor, which is part of Microsoft Office and Microsoft 365 Apps for...

PT-2024-19853

Name of the Vulnerable Software and Affected Versions MSM module affected versions not specified Description The issue involves memory corruption when invoking IOCTL calls for the MSM module from user space during audio playback and record. This occurs due to improper handling of IOCTL calls,...

PT-2024-19851 · Qualcomm · Snapdragon +13

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption that occurs during network scan requests. This can potentially lead to exploitation. No information is provided abo...

PT-2024-32714 · Unknown · Shilpi Client Dashboard

Name of the Vulnerable Software and Affected Versions: Shilpi Client Dashboard affected versions not specified Description: The issue exists due to improper validation of files being uploaded other than the specified extension. An authenticated remote attacker could exploit this by uploading a...

PT-2024-39000 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: A CVE has been rejected. No further details are provided about the issue. Recommendations: At the moment, there is no information about a newer version that contains a fix fo...

PT-2024-39025 · Planet Technology · Planet Technology Devices

Name of the Vulnerable Software and Affected Versions: PLANET Technology devices affected versions not specified Description: The swctrl service is used to detect and remotely manage PLANET Technology devices. For certain switch models, the authentication tokens used during communication with thi...

PT-2024-28493 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions affected versions not specified Description: The issue is related to a missing bounds check in the drm service, which could lead to a local denial of service. This requires System execution privileges. Recommendations: At the...

PT-2024-32418 · Gotenna · Gotenna Pro App +2

Name of the Vulnerable Software and Affected Versions: goTenna Pro App affected versions not specified goTenna Pro X affected versions not specified goTenna Pro X2 affected versions not specified Description: The goTenna Pro series uses AES CTR type encryption for short, encrypted messages withou...