ISHACK AI BOT

Amazon Linux AMI 2: CVE-2024-10978: Security patch for libpq, postgresql (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/21/2024 Added 12/20/2024 Modified 12/20/2024 Description Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended.An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature.The problem arises when an application query uses parameters from the attacker or conveys query results to the attacker.If that query reacts to current_setting('role') or the current user ID, it may modify or return data as though the session had not used SET ROLE or SET SESSION AUTHORIZATION.The attacker does not control which incorrect user ID applies.Query text from less-privileged sources is not a concern here, because SET ROLE and SET SESSION AUTHORIZATION are not sandboxes for unvetted queries.Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) amazon-linux-ami-2-upgrade-libpq amazon-linux-ami-2-upgrade-libpq-debuginfo amazon-linux-ami-2-upgrade-libpq-devel amazon-linux-ami-2-upgrade-postgresql amazon-linux-ami-2-upgrade-postgresql-contrib amazon-linux-ami-2-upgrade-postgresql-debuginfo amazon-linux-ami-2-upgrade-postgresql-docs amazon-linux-ami-2-upgrade-postgresql-llvmjit amazon-linux-ami-2-upgrade-postgresql-plperl amazon-linux-ami-2-upgrade-postgresql-plpython3 amazon-linux-ami-2-upgrade-postgresql-pltcl amazon-linux-ami-2-upgrade-postgresql-private-devel amazon-linux-ami-2-upgrade-postgresql-private-libs amazon-linux-ami-2-upgrade-postgresql-server amazon-linux-ami-2-upgrade-postgresql-server-devel amazon-linux-ami-2-upgrade-postgresql-static amazon-linux-ami-2-upgrade-postgresql-test amazon-linux-ami-2-upgrade-postgresql-test-rpm-macros amazon-linux-ami-2-upgrade-postgresql-upgrade amazon-linux-ami-2-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2024-10978 AL2/ALASPOSTGRESQL13-2024-008 AL2/ALASPOSTGRESQL14-2024-014 AL2/ALASPOSTGRESQL14-2024-015 CVE - 2024-10978

Oracle Linux: CVE-2024-10979: ELSA-2024-10788:postgresql:16 security update (IMPORTANT) (Multiple Advisories) Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2024 Created 12/10/2024 Added 12/05/2024 Modified 01/08/2025 Description Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH).That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user.Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. A flaw was found in PostgreSQL PL/Perl. This vulnerability allows an unprivileged database user to change sensitive process environment variables (e.g., PATH) via incorrect control of environment variables. Solution(s) oracle-linux-upgrade-pgaudit oracle-linux-upgrade-pg-repack oracle-linux-upgrade-pgvector oracle-linux-upgrade-postgres-decoderbufs oracle-linux-upgrade-postgresql oracle-linux-upgrade-postgresql-contrib oracle-linux-upgrade-postgresql-devel oracle-linux-upgrade-postgresql-docs oracle-linux-upgrade-postgresql-libs oracle-linux-upgrade-postgresql-plperl oracle-linux-upgrade-postgresql-plpython oracle-linux-upgrade-postgresql-plpython3 oracle-linux-upgrade-postgresql-pltcl oracle-linux-upgrade-postgresql-private-devel oracle-linux-upgrade-postgresql-private-libs oracle-linux-upgrade-postgresql-server oracle-linux-upgrade-postgresql-server-devel oracle-linux-upgrade-postgresql-static oracle-linux-upgrade-postgresql-test oracle-linux-upgrade-postgresql-test-rpm-macros oracle-linux-upgrade-postgresql-upgrade oracle-linux-upgrade-postgresql-upgrade-devel References https://attackerkb.com/topics/cve-2024-10979 CVE - 2024-10979 ELSA-2024-10788 ELSA-2024-10831 ELSA-2024-10832 ELSA-2024-10830 ELSA-2024-10785 ELSA-2024-10787 ELSA-2024-10791 ELSA-2024-10882 View more

Ubuntu: USN-7130-1 (CVE-2024-52308): GitHub CLI vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 11/14/2024 Created 11/28/2024 Added 11/27/2024 Modified 01/30/2025 Description The GitHub CLI version 2.6.1 and earlier are vulnerable to remote code execution through a malicious codespace SSH server when using `gh codespace ssh` or `gh codespace logs` commands. This has been patched in the cli v2.62.0. Developers connect to remote codespaces through an SSH server running within the devcontainer, which is generally provided through the [default devcontainer image]( https://docs.github.com/en/codespaces/setting-up-your-project-for-codespaces/adding-a-dev-container-... https://docs.github.com/en/codespaces/setting-up-your-project-for-codespaces/adding-a-dev-container-configuration/introduction-to-dev-containers#using-the-default-dev-container-configuration) . GitHub CLI [retrieves SSH connection details]( https://github.com/cli/cli/blob/30066b0042d0c5928d959e288144300cb28196c9/internal/codespaces/rpc/inv... https://github.com/cli/cli/blob/30066b0042d0c5928d959e288144300cb28196c9/internal/codespaces/rpc/invoker.go#L230-L244 ), such as remote username, which is used in [executing `ssh` commands]( https://github.com/cli/cli/blob/e356c69a6f0125cfaac782c35acf77314f18908d/pkg/cmd/codespace/ssh.go#L2... https://github.com/cli/cli/blob/e356c69a6f0125cfaac782c35acf77314f18908d/pkg/cmd/codespace/ssh.go#L263 ) for `gh codespace ssh` or `gh codespace logs` commands. This exploit occurs when a malicious third-party devcontainer contains a modified SSH server that injects `ssh` arguments within the SSH connection details. `gh codespace ssh` and `gh codespace logs` commands could execute arbitrary code on the user's workstation if the remote username contains something like `-oProxyCommand="echo hacked" #`.The `-oProxyCommand` flag causes `ssh` to execute the provided command while `#` shell comment causes any other `ssh` arguments to be ignored. In `2.62.0`, the remote username information is being validated before being used. Solution(s) ubuntu-pro-upgrade-gh References https://attackerkb.com/topics/cve-2024-52308 CVE - 2024-52308 USN-7130-1

Ubuntu: USN-7132-1 (CVE-2024-10978): PostgreSQL vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 12/04/2024 Added 12/03/2024 Modified 12/03/2024 Description Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended.An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature.The problem arises when an application query uses parameters from the attacker or conveys query results to the attacker.If that query reacts to current_setting('role') or the current user ID, it may modify or return data as though the session had not used SET ROLE or SET SESSION AUTHORIZATION.The attacker does not control which incorrect user ID applies.Query text from less-privileged sources is not a concern here, because SET ROLE and SET SESSION AUTHORIZATION are not sandboxes for unvetted queries.Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) ubuntu-upgrade-postgresql-12 ubuntu-upgrade-postgresql-14 ubuntu-upgrade-postgresql-16 ubuntu-upgrade-postgresql-client-12 ubuntu-upgrade-postgresql-client-14 ubuntu-upgrade-postgresql-client-16 References https://attackerkb.com/topics/cve-2024-10978 CVE - 2024-10978 USN-7132-1

Huawei EulerOS: CVE-2024-1682: python-requests security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/14/2024 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description An unclaimed Amazon S3 bucket, 'codeconf', is referenced in an audio file link within the .rst documentation file. This bucket has been claimed by an external party. The use of this unclaimed S3 bucket could lead to data integrity issues, data leakage, availability problems, loss of trustworthiness, and potential further attacks if the bucket is used to host malicious content or as a pivot point for further attacks. Solution(s) huawei-euleros-2_0_sp11-upgrade-python3-requests References https://attackerkb.com/topics/cve-2024-1682 CVE - 2024-1682 EulerOS-SA-2025-1165

Red Hat: CVE-2024-10976: postgresql: PostgreSQL row security below e.g. subqueries disregards user ID changes (Multiple Advisories) Severity 4 CVSS (AV:N/AC:H/Au:S/C:P/I:P/A:N) Published 11/14/2024 Created 02/11/2025 Added 02/10/2025 Modified 02/14/2025 Description Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended.CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes.They missed cases where a subquery, WITH query, security invoker view, or SQL-language function references a table with a row-level security policy.This has the same consequences as the two earlier CVEs.That is to say, it leads to potentially incorrect policies being applied in cases where role-specific policies are used and a given query is planned under one role and then executed under other roles.This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs.Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modifications.This affects only databases that have used CREATE POLICY to define a row security policy.An attacker must tailor an attack to a particular application's pattern of query plan reuse, user ID changes, and role-specific row security policies.Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) redhat-upgrade-pg_repack redhat-upgrade-pg_repack-debuginfo redhat-upgrade-pg_repack-debugsource redhat-upgrade-pgaudit redhat-upgrade-pgaudit-debuginfo redhat-upgrade-pgaudit-debugsource redhat-upgrade-pgvector redhat-upgrade-pgvector-debuginfo redhat-upgrade-pgvector-debugsource redhat-upgrade-postgres-decoderbufs redhat-upgrade-postgres-decoderbufs-debuginfo redhat-upgrade-postgres-decoderbufs-debugsource redhat-upgrade-postgresql redhat-upgrade-postgresql-contrib redhat-upgrade-postgresql-contrib-debuginfo redhat-upgrade-postgresql-debuginfo redhat-upgrade-postgresql-debugsource redhat-upgrade-postgresql-docs redhat-upgrade-postgresql-docs-debuginfo redhat-upgrade-postgresql-plperl redhat-upgrade-postgresql-plperl-debuginfo redhat-upgrade-postgresql-plpython3 redhat-upgrade-postgresql-plpython3-debuginfo redhat-upgrade-postgresql-pltcl redhat-upgrade-postgresql-pltcl-debuginfo redhat-upgrade-postgresql-private-devel redhat-upgrade-postgresql-private-libs redhat-upgrade-postgresql-private-libs-debuginfo redhat-upgrade-postgresql-server redhat-upgrade-postgresql-server-debuginfo redhat-upgrade-postgresql-server-devel redhat-upgrade-postgresql-server-devel-debuginfo redhat-upgrade-postgresql-static redhat-upgrade-postgresql-test redhat-upgrade-postgresql-test-debuginfo redhat-upgrade-postgresql-test-rpm-macros redhat-upgrade-postgresql-upgrade redhat-upgrade-postgresql-upgrade-debuginfo redhat-upgrade-postgresql-upgrade-devel redhat-upgrade-postgresql-upgrade-devel-debuginfo References CVE-2024-10976 RHSA-2024:10785 RHSA-2024:10787 RHSA-2024:10788 RHSA-2024:10791 RHSA-2024:10830 RHSA-2024:10831 RHSA-2024:10832 View more

Red Hat: CVE-2024-10979: postgresql: PostgreSQL PL/Perl environment variable changes execute arbitrary code (Multiple Advisories) Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 11/14/2024 Created 02/11/2025 Added 02/10/2025 Modified 02/10/2025 Description Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH).That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user.Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) redhat-upgrade-pg_repack redhat-upgrade-pg_repack-debuginfo redhat-upgrade-pg_repack-debugsource redhat-upgrade-pgaudit redhat-upgrade-pgaudit-debuginfo redhat-upgrade-pgaudit-debugsource redhat-upgrade-pgvector redhat-upgrade-pgvector-debuginfo redhat-upgrade-pgvector-debugsource redhat-upgrade-postgres-decoderbufs redhat-upgrade-postgres-decoderbufs-debuginfo redhat-upgrade-postgres-decoderbufs-debugsource redhat-upgrade-postgresql redhat-upgrade-postgresql-contrib redhat-upgrade-postgresql-contrib-debuginfo redhat-upgrade-postgresql-debuginfo redhat-upgrade-postgresql-debugsource redhat-upgrade-postgresql-docs redhat-upgrade-postgresql-docs-debuginfo redhat-upgrade-postgresql-plperl redhat-upgrade-postgresql-plperl-debuginfo redhat-upgrade-postgresql-plpython3 redhat-upgrade-postgresql-plpython3-debuginfo redhat-upgrade-postgresql-pltcl redhat-upgrade-postgresql-pltcl-debuginfo redhat-upgrade-postgresql-private-devel redhat-upgrade-postgresql-private-libs redhat-upgrade-postgresql-private-libs-debuginfo redhat-upgrade-postgresql-server redhat-upgrade-postgresql-server-debuginfo redhat-upgrade-postgresql-server-devel redhat-upgrade-postgresql-server-devel-debuginfo redhat-upgrade-postgresql-static redhat-upgrade-postgresql-test redhat-upgrade-postgresql-test-debuginfo redhat-upgrade-postgresql-test-rpm-macros redhat-upgrade-postgresql-upgrade redhat-upgrade-postgresql-upgrade-debuginfo redhat-upgrade-postgresql-upgrade-devel redhat-upgrade-postgresql-upgrade-devel-debuginfo References CVE-2024-10979 RHSA-2024:10593 RHSA-2024:10595 RHSA-2024:10736 RHSA-2024:10750 RHSA-2024:10785 RHSA-2024:10787 RHSA-2024:10788 RHSA-2024:10791 RHSA-2024:10800 RHSA-2024:10807 RHSA-2024:10830 RHSA-2024:10831 RHSA-2024:10832 RHSA-2024:10851 RHSA-2024:10879 View more

Red Hat: CVE-2024-10978: postgresql: PostgreSQL SET ROLE, SET SESSION AUTHORIZATION reset to wrong user ID (Multiple Advisories) Severity 4 CVSS (AV:N/AC:H/Au:S/C:P/I:P/A:N) Published 11/14/2024 Created 02/11/2025 Added 02/10/2025 Modified 02/10/2025 Description Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended.An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature.The problem arises when an application query uses parameters from the attacker or conveys query results to the attacker.If that query reacts to current_setting('role') or the current user ID, it may modify or return data as though the session had not used SET ROLE or SET SESSION AUTHORIZATION.The attacker does not control which incorrect user ID applies.Query text from less-privileged sources is not a concern here, because SET ROLE and SET SESSION AUTHORIZATION are not sandboxes for unvetted queries.Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. Solution(s) redhat-upgrade-pg_repack redhat-upgrade-pg_repack-debuginfo redhat-upgrade-pg_repack-debugsource redhat-upgrade-pgaudit redhat-upgrade-pgaudit-debuginfo redhat-upgrade-pgaudit-debugsource redhat-upgrade-pgvector redhat-upgrade-pgvector-debuginfo redhat-upgrade-pgvector-debugsource redhat-upgrade-postgres-decoderbufs redhat-upgrade-postgres-decoderbufs-debuginfo redhat-upgrade-postgres-decoderbufs-debugsource redhat-upgrade-postgresql redhat-upgrade-postgresql-contrib redhat-upgrade-postgresql-contrib-debuginfo redhat-upgrade-postgresql-debuginfo redhat-upgrade-postgresql-debugsource redhat-upgrade-postgresql-docs redhat-upgrade-postgresql-docs-debuginfo redhat-upgrade-postgresql-plperl redhat-upgrade-postgresql-plperl-debuginfo redhat-upgrade-postgresql-plpython3 redhat-upgrade-postgresql-plpython3-debuginfo redhat-upgrade-postgresql-pltcl redhat-upgrade-postgresql-pltcl-debuginfo redhat-upgrade-postgresql-private-devel redhat-upgrade-postgresql-private-libs redhat-upgrade-postgresql-private-libs-debuginfo redhat-upgrade-postgresql-server redhat-upgrade-postgresql-server-debuginfo redhat-upgrade-postgresql-server-devel redhat-upgrade-postgresql-server-devel-debuginfo redhat-upgrade-postgresql-static redhat-upgrade-postgresql-test redhat-upgrade-postgresql-test-debuginfo redhat-upgrade-postgresql-test-rpm-macros redhat-upgrade-postgresql-upgrade redhat-upgrade-postgresql-upgrade-debuginfo redhat-upgrade-postgresql-upgrade-devel redhat-upgrade-postgresql-upgrade-devel-debuginfo References CVE-2024-10978 RHSA-2024:10785 RHSA-2024:10787 RHSA-2024:10788 RHSA-2024:10791 RHSA-2024:10830 RHSA-2024:10831 RHSA-2024:10832 View more

Google Chrome Vulnerability: CVE-2024-11116 Inappropriate implementation in Paint Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 11/13/2024 Created 11/14/2024 Added 11/13/2024 Modified 01/28/2025 Description Inappropriate implementation in Blink in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-11116 CVE - 2024-11116

FreeBSD: VID-1EB4D32C-A245-11EF-998C-2CF05DA270F3 (CVE-2024-8180): Gitlab -- vulnerabilities Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 11/13/2024 Created 11/16/2024 Added 11/15/2024 Modified 01/28/2025 Description An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. Improper output encoding could lead to XSS if CSP is not enabled. Solution(s) freebsd-upgrade-package-gitlab-ce freebsd-upgrade-package-gitlab-ee References CVE-2024-8180

FreeBSD: VID-1EB4D32C-A245-11EF-998C-2CF05DA270F3 (CVE-2024-9693): Gitlab -- vulnerabilities Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 11/13/2024 Created 11/16/2024 Added 11/15/2024 Modified 01/28/2025 Description An issue was discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 17.3.7, starting from 17.4 prior to 17.4.4, and starting from 17.5 prior to 17.5.2, which could have allowed unauthorized access to the Kubernetes agent in a cluster under specific configurations. Solution(s) freebsd-upgrade-package-gitlab-ce freebsd-upgrade-package-gitlab-ee References CVE-2024-9693

Ivanti Pulse Connect Secure: Security Advisory Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC) (Multiple CVEs) Severity 4 CVSS (AV:L/AC:L/Au:M/C:N/I:N/A:C) Published 11/13/2024 Created 02/13/2025 Added 02/12/2025 Modified 02/12/2025 Description Improper bounds checking in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker with admin privileges to cause a denial of service. Solution(s) pulse-secure-pulse-connect-secure-upgrade-22_7r3 References https://attackerkb.com/topics/cve-2024-38654 CVE - 2024-38654 https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US

Ivanti Pulse Connect Secure: Security Advisory Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC) (Multiple CVEs) Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 11/13/2024 Created 11/15/2024 Added 11/14/2024 Modified 02/12/2025 Description Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Solution(s) pulse-secure-pulse-connect-secure-upgrade-22_7r2_1 pulse-secure-pulse-connect-secure-upgrade-9_1r18_7 References https://attackerkb.com/topics/cve-2024-39711 CVE - 2024-39711 https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US

Ivanti Pulse Connect Secure: Security Advisory Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC) (Multiple CVEs) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/13/2024 Created 02/13/2025 Added 02/12/2025 Modified 02/12/2025 Description Insufficient validation in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. Solution(s) pulse-secure-pulse-connect-secure-upgrade-22_7r4 References https://attackerkb.com/topics/cve-2024-37398 CVE - 2024-37398 https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US

Ivanti Pulse Connect Secure: Security Advisory Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC) (Multiple CVEs) Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 11/13/2024 Created 11/15/2024 Added 11/14/2024 Modified 02/12/2025 Description Incorrect file permissions in Ivanti Connect Secure before version 22.6R2 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1 (Not Applicable to 9.1Rx) allow a local authenticated attacker to escalate their privileges. Solution(s) pulse-secure-pulse-connect-secure-upgrade-22_6r2 References https://attackerkb.com/topics/cve-2024-39709 CVE - 2024-39709 https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US

Debian: CVE-2024-23918: intel-microcode -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/13/2024 Created 12/28/2024 Added 12/27/2024 Modified 12/27/2024 Description Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) debian-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2024-23918 CVE - 2024-23918 DLA-4002-1

Debian: CVE-2024-11159: thunderbird -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 11/13/2024 Created 11/19/2024 Added 11/18/2024 Modified 01/28/2025 Description Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird < 128.4.3 and Thunderbird < 132.0.1. Solution(s) debian-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-11159 CVE - 2024-11159 DSA-5814-1

Debian: CVE-2024-21853: intel-microcode -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/13/2024 Created 12/28/2024 Added 12/27/2024 Modified 12/27/2024 Description Improper finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel(R) Xeon(R) Processors may allow an authorized user to potentially enable denial of service via local access. Solution(s) debian-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2024-21853 CVE - 2024-21853 DLA-4002-1

Ubuntu: USN-7149-1 (CVE-2024-21820): Intel Microcode vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/13/2024 Created 12/12/2024 Added 12/11/2024 Modified 12/11/2024 Description Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) ubuntu-pro-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2024-21820 CVE - 2024-21820 USN-7149-1

Ubuntu: USN-7149-1 (CVE-2024-23918): Intel Microcode vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/13/2024 Created 12/12/2024 Added 12/11/2024 Modified 12/11/2024 Description Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. Solution(s) ubuntu-pro-upgrade-intel-microcode References https://attackerkb.com/topics/cve-2024-23918 CVE - 2024-23918 USN-7149-1

Google Chrome Vulnerability: CVE-2024-11110 Inappropriate implementation in Blink Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:C/A:N) Published 11/13/2024 Created 11/14/2024 Added 11/13/2024 Modified 01/28/2025 Description Inappropriate implementation in Extensions in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-11110 CVE - 2024-11110

SUSE: CVE-2024-11159: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 11/13/2024 Created 01/04/2025 Added 01/03/2025 Modified 01/28/2025 Description Using remote content in OpenPGP encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird < 128.4.3 and Thunderbird < 132.0.1. Solution(s) suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2024-11159 CVE - 2024-11159

PAN-OS: Server-Side Request Forgery in WildFire Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 11/13/2024 Created 11/15/2024 Added 11/14/2024 Modified 01/08/2025 Description Deprecated Solution(s)

Ivanti Pulse Connect Secure: Security Advisory Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC) (Multiple CVEs) Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 11/13/2024 Created 11/15/2024 Added 11/14/2024 Modified 02/12/2025 Description Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Solution(s) pulse-secure-pulse-connect-secure-upgrade-22_7r2_1 pulse-secure-pulse-connect-secure-upgrade-9_1r18_7 References https://attackerkb.com/topics/cve-2024-39710 CVE - 2024-39710 https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US

Ivanti Pulse Connect Secure: Security Advisory Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), Ivanti Secure Access Client (ISAC) (Multiple CVEs) Severity 8 CVSS (AV:N/AC:L/Au:M/C:C/I:C/A:C) Published 11/13/2024 Created 11/15/2024 Added 11/14/2024 Modified 02/12/2025 Description Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Solution(s) pulse-secure-pulse-connect-secure-upgrade-22_7r2_1 pulse-secure-pulse-connect-secure-upgrade-9_1r18_7 References https://attackerkb.com/topics/cve-2024-39712 CVE - 2024-39712 https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Connect-Secure-ICS-Ivanti-Policy-Secure-IPS-Ivanti-Secure-Access-Client-ISAC-Multiple-CVEs?language=en_US