ISHACK AI BOT

OS X update for Installer (CVE-2024-44287) Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:C/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious application may be able to modify protected parts of the file system. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44287 CVE - 2024-44287 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

OS X update for Find My (CVE-2024-44289) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. An app may be able to read sensitive location information. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44289 CVE - 2024-44289 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

Pyload RCE (CVE-2024-39205) with js2py sandbox escape (CVE-2024-28397) Disclosed 10/28/2024 Created 11/15/2024 Description CVE-2024-28397 is sandbox escape in js2py (<=0.74) which is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to obtain a reference to a python object in the js2py environment enabling them to escape the sandbox, bypass pyimport restrictions and execute arbitrary commands on the host. At the time of writing no patch has been released, version 0.74 is the latest version of js2py which was released Nov 6, 2022. CVE-2024-39205 is an remote code execution vulnerability in Pyload (<=0.5.0b3.dev85) which is an open-source download manager designed to automate file downloads from various online sources. Pyload is vulnerable because it exposes the vulnerable js2py functionality mentioned above on the /flash/addcrypted2 API endpoint. This endpoint was designed to only accept connections from localhost but by manipulating the HOST header we can bypass this restriction in order to access the API to achieve unauth RCE. Author(s) Marven11 Spencer McIntyre jheysel-r7 Platform Linux,Unix Architectures cmd, x86, x64 Development Source Code History

Oracle Linux: CVE-2024-49761: ELSA-2024-10834:ruby:3.1 security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/28/2024 Created 12/10/2024 Added 12/06/2024 Modified 01/07/2025 Description REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &amp;# and x...; in a hex numeric character reference (&amp;#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. A flaw was found in the REXML XML toolkit for Ruby. Parsing XML data containing a large number of digits between `&amp;# `and `x...;` in a hex numeric character reference (`&amp;#x...;`) can trigger a regular expression denial of service (ReDoS) condition, leading to a denial of service. Solution(s) oracle-linux-upgrade-ruby oracle-linux-upgrade-ruby-bundled-gems oracle-linux-upgrade-ruby-default-gems oracle-linux-upgrade-ruby-devel oracle-linux-upgrade-ruby-doc oracle-linux-upgrade-rubygem-abrt oracle-linux-upgrade-rubygem-abrt-doc oracle-linux-upgrade-rubygem-bigdecimal oracle-linux-upgrade-rubygem-bson oracle-linux-upgrade-rubygem-bson-doc oracle-linux-upgrade-rubygem-bundler oracle-linux-upgrade-rubygem-bundler-doc oracle-linux-upgrade-rubygem-did-you-mean oracle-linux-upgrade-rubygem-io-console oracle-linux-upgrade-rubygem-irb oracle-linux-upgrade-rubygem-json oracle-linux-upgrade-rubygem-minitest oracle-linux-upgrade-rubygem-mongo oracle-linux-upgrade-rubygem-mongo-doc oracle-linux-upgrade-rubygem-mysql2 oracle-linux-upgrade-rubygem-mysql2-doc oracle-linux-upgrade-rubygem-net-telnet oracle-linux-upgrade-rubygem-openssl oracle-linux-upgrade-rubygem-pg oracle-linux-upgrade-rubygem-pg-doc oracle-linux-upgrade-rubygem-power-assert oracle-linux-upgrade-rubygem-psych oracle-linux-upgrade-rubygem-rake oracle-linux-upgrade-rubygem-rbs oracle-linux-upgrade-rubygem-rdoc oracle-linux-upgrade-rubygem-rexml oracle-linux-upgrade-rubygem-rss oracle-linux-upgrade-rubygems oracle-linux-upgrade-rubygems-devel oracle-linux-upgrade-rubygem-test-unit oracle-linux-upgrade-rubygem-typeprof oracle-linux-upgrade-rubygem-xmlrpc oracle-linux-upgrade-ruby-irb oracle-linux-upgrade-ruby-libs References https://attackerkb.com/topics/cve-2024-49761 CVE - 2024-49761 ELSA-2024-10834 ELSA-2024-10860 ELSA-2024-10850 ELSA-2024-10858

OS X update for Safari Private Browsing (CVE-2024-44229) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description An information leakage was addressed with additional validation. This issue is fixed in visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. Private browsing may leak some browsing history. Solution(s) apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44229 CVE - 2024-44229 https://support.apple.com/en-us/121564

OS X update for Safari Downloads (CVE-2024-44259) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description This issue was addressed through improved state management. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, visionOS 2.1, iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1, Safari 18.1. An attacker may be able to misuse a trust relationship to download malicious content. Solution(s) apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44259 CVE - 2024-44259 https://support.apple.com/en-us/121564

OS X update for Screen Capture (CVE-2024-44137) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1. An attacker with physical access may be able to share items from the lock screen. Solution(s) apple-osx-upgrade-13_7_1 apple-osx-upgrade-14_7_1 apple-osx-upgrade-15 References https://attackerkb.com/topics/cve-2024-44137 CVE - 2024-44137 https://support.apple.com/en-us/121238 https://support.apple.com/en-us/121568 https://support.apple.com/en-us/121570

OS X update for SceneKit (CVE-2024-44218) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 10/28/2024 Created 11/01/2024 Added 10/31/2024 Modified 01/28/2025 Description This issue was addressed with improved checks. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, macOS Sonoma 14.7.1, iOS 18.1 and iPadOS 18.1. Processing a maliciously crafted file may lead to heap corruption. Solution(s) apple-osx-upgrade-14_7_1 apple-osx-upgrade-15_1 References https://attackerkb.com/topics/cve-2024-44218 CVE - 2024-44218 https://support.apple.com/en-us/121564 https://support.apple.com/en-us/121570

Debian: CVE-2024-44296: webkit2gtk, wpewebkit -- security update Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 10/28/2024 Created 11/12/2024 Added 11/11/2024 Modified 01/28/2025 Description The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, watchOS 11.1, visionOS 2.1, macOS Sequoia 15.1, Safari 18.1. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. Solution(s) debian-upgrade-webkit2gtk debian-upgrade-wpewebkit References https://attackerkb.com/topics/cve-2024-44296 CVE - 2024-44296 DSA-5804-1

Debian: CVE-2024-49761: ruby2.7, ruby3.1 -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 10/28/2024 Created 01/21/2025 Added 01/20/2025 Modified 01/28/2025 Description REXML is an XML toolkit for Ruby. The REXML gem before 3.3.9 has a ReDoS vulnerability when it parses an XML that has many digits between &# and x...; in a hex numeric character reference (&#x...;). This does not happen with Ruby 3.2 or later. Ruby 3.1 is the only affected maintained Ruby. The REXML gem 3.3.9 or later include the patch to fix the vulnerability. Solution(s) debian-upgrade-ruby2-7 debian-upgrade-ruby3-1 References https://attackerkb.com/topics/cve-2024-49761 CVE - 2024-49761 DLA-4018-1

Ubuntu: USN-7145-1 (CVE-2024-50602): Expat vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/27/2024 Created 12/12/2024 Added 12/11/2024 Modified 12/11/2024 Description An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. Solution(s) ubuntu-pro-upgrade-expat ubuntu-pro-upgrade-lib64expat1 ubuntu-pro-upgrade-lib64expat1-dev ubuntu-pro-upgrade-libexpat1 ubuntu-pro-upgrade-libexpat1-dev References https://attackerkb.com/topics/cve-2024-50602 CVE - 2024-50602 USN-7145-1

Rocky Linux: CVE-2024-50602: expat (RLSA-2024-9502) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/27/2024 Created 11/21/2024 Added 11/20/2024 Modified 11/20/2024 Description An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. Solution(s) rocky-upgrade-expat rocky-upgrade-expat-debuginfo rocky-upgrade-expat-debugsource rocky-upgrade-expat-devel References https://attackerkb.com/topics/cve-2024-50602 CVE - 2024-50602 https://errata.rockylinux.org/RLSA-2024:9502

Amazon Linux 2023: CVE-2024-50602: Medium priority package update for expat Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 10/27/2024 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. A security issue was found in Expat (libexpat). A crash can be triggered in the XML_ResumeParser function due to XML_StopParser&apos;s ability to stop or suspend an unstarted parser, which can lead to a denial of service. Solution(s) amazon-linux-2023-upgrade-expat amazon-linux-2023-upgrade-expat-debuginfo amazon-linux-2023-upgrade-expat-debugsource amazon-linux-2023-upgrade-expat-devel amazon-linux-2023-upgrade-expat-static References https://attackerkb.com/topics/cve-2024-50602 CVE - 2024-50602 https://alas.aws.amazon.com/AL2023/ALAS-2025-793.html

Red Hat: CVE-2024-50612: libsndfile: Segmentation fault error in ogg_vorbis.c:417 vorbis_analysis_wrote() (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/27/2024 Created 02/11/2025 Added 02/10/2025 Modified 02/10/2025 Description libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read. Solution(s) redhat-upgrade-libsndfile redhat-upgrade-libsndfile-debuginfo redhat-upgrade-libsndfile-debugsource redhat-upgrade-libsndfile-devel redhat-upgrade-libsndfile-utils redhat-upgrade-libsndfile-utils-debuginfo References CVE-2024-50612 RHSA-2024:11172 RHSA-2024:11192 RHSA-2024:11237

Red Hat: CVE-2024-50602: libexpat: expat: DoS via XML_ResumeParser (Multiple Advisories) Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 10/27/2024 Created 11/15/2024 Added 11/14/2024 Modified 02/10/2025 Description An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. Solution(s) redhat-upgrade-expat redhat-upgrade-expat-debuginfo redhat-upgrade-expat-debugsource redhat-upgrade-expat-devel References CVE-2024-50602 RHSA-2024:11200 RHSA-2024:9502 RHSA-2024:9541

Huawei EulerOS: CVE-2024-50602: expat security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/27/2024 Created 01/15/2025 Added 01/14/2025 Modified 01/14/2025 Description An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. Solution(s) huawei-euleros-2_0_sp10-upgrade-expat References https://attackerkb.com/topics/cve-2024-50602 CVE - 2024-50602 EulerOS-SA-2025-1020

Ubuntu: USN-7267-1 (CVE-2024-50612): libsndfile vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/27/2024 Created 02/15/2025 Added 02/14/2025 Modified 02/14/2025 Description libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read. Solution(s) ubuntu-pro-upgrade-libsndfile1 ubuntu-pro-upgrade-sndfile-programs References https://attackerkb.com/topics/cve-2024-50612 CVE - 2024-50612 USN-7267-1

Huawei EulerOS: CVE-2024-50602: expat security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/27/2024 Created 02/12/2025 Added 02/11/2025 Modified 02/11/2025 Description An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. Solution(s) huawei-euleros-2_0_sp12-upgrade-expat References https://attackerkb.com/topics/cve-2024-50602 CVE - 2024-50602 EulerOS-SA-2025-1188

CyberPanel Multi CVE Pre-auth RCE Disclosed 10/27/2024 Created 12/05/2024 Description This module exploits three separate unauthenticated Remote Code Execution vulnerabilities in CyberPanel: - CVE-2024-51567: Command injection vulnerability in the "upgrademysqlstatus" endpoint. - CVE-2024-51568: Command Injection via the "completePath" parameter in the "outputExecutioner" sink. - CVE-2024-51378: Unauthenticated RCE in "/ftp/getresetstatus" and "/dns/getresetstatus". These vulnerabilities were exploited in ransomware campaigns affecting over 22,000 CyberPanel instances, with the PSAUX ransomware being the primary actor in these attacks. Author(s) DreyAnd Valentin Lobstein Luka Petrovic (refr4g) Platform Linux,Unix Architectures cmd Development Source Code History

VMware Photon OS: CVE-2024-50602 Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 10/27/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-50602 CVE - 2024-50602

Huawei EulerOS: CVE-2024-50602: expat security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/27/2024 Created 01/16/2025 Added 01/15/2025 Modified 01/15/2025 Description An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. Solution(s) huawei-euleros-2_0_sp9-upgrade-expat References https://attackerkb.com/topics/cve-2024-50602 CVE - 2024-50602 EulerOS-SA-2025-1054

Oracle Linux: CVE-2024-50612: ELSA-2024-11192:libsndfile security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 10/27/2024 Created 12/20/2024 Added 12/18/2024 Modified 12/26/2024 Description libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read. A flaw was found in the libsndfile package. A specially crafted input file may trigger an out-of-bounds read, leading to memory corruption and a denial of service. Solution(s) oracle-linux-upgrade-libsndfile oracle-linux-upgrade-libsndfile-devel oracle-linux-upgrade-libsndfile-utils References https://attackerkb.com/topics/cve-2024-50612 CVE - 2024-50612 ELSA-2024-11192 ELSA-2024-11237

Oracle Linux: CVE-2024-50602: ELSA-2024-9502:expat security update (MODERATE) (Multiple Advisories) Severity 5 CVSS (AV:N/AC:H/Au:N/C:N/I:N/A:C) Published 10/27/2024 Created 11/23/2024 Added 11/21/2024 Modified 11/29/2024 Description An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. A security issue was found in Expat (libexpat). A crash can be triggered in the XML_ResumeParser function due to XML_StopParser&apos;s ability to stop or suspend an unstarted parser, which can lead to a denial of service. Solution(s) oracle-linux-upgrade-expat oracle-linux-upgrade-expat-devel References https://attackerkb.com/topics/cve-2024-50602 CVE - 2024-50602 ELSA-2024-9502 ELSA-2024-9541

Ubuntu: (CVE-2024-0126): nvidia-graphics-drivers-535-server vulnerability Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/26/2024 Created 11/21/2024 Added 11/19/2024 Modified 01/23/2025 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Solution(s) ubuntu-upgrade-nvidia-graphics-drivers-535-server References https://attackerkb.com/topics/cve-2024-0126 CVE - 2024-0126 https://nvidia.custhelp.com/app/answers/detail/a_id/5586 https://www.cve.org/CVERecord?id=CVE-2024-0126

Gentoo Linux: CVE-2024-0126: NVIDIA Drivers: Privilege Escalation Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 10/26/2024 Created 12/17/2024 Added 12/16/2024 Modified 12/16/2024 Description NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability which could allow a privileged attacker to escalate permissions. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2024-0126 CVE - 2024-0126 202412-20