ISHACK AI BOT

CUPS: CVE-2024-47076: Access to controlled data via IPP Severity 9 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:C) Published 09/26/2024 Created 09/27/2024 Added 09/26/2024 Modified 09/30/2024 Description Affecting libcupsfilters less than or equal to 2.1b1: cfGetPrinterAttributes5 does not validate or sanitize the IPP attributes returned from an IPP server, providing attacker controlled data to the rest of the CUPS system. Solution(s) misc-no-solution-exists References https://attackerkb.com/topics/cve-2024-47076 CVE - 2024-47076 https://www.evilsocket.net/2024/09/26/Attacking-UNIX-systems-via-CUPS-Part-I/

Debian: CVE-2023-7282: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 09/25/2024 Created 09/26/2024 Added 09/25/2024 Modified 01/28/2025 Description Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2023-7282 CVE - 2023-7282 DSA-5398-1

Microsoft Edge Chromium: CVE-2024-9120 Use after free in Dawn Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/25/2024 Created 09/28/2024 Added 09/27/2024 Modified 01/28/2025 Description Use after free in Dawn in Google Chrome on Windows prior to 129.0.6668.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-9120 CVE - 2024-9120 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-9120

Microsoft Edge Chromium: CVE-2024-9123 Integer overflow in Skia Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/25/2024 Created 09/28/2024 Added 09/27/2024 Modified 01/28/2025 Description Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-9123 CVE - 2024-9123 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-9123

SUSE: CVE-2024-9121: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/25/2024 Created 01/01/2025 Added 12/31/2024 Modified 01/28/2025 Description Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2024-9121 CVE - 2024-9121

FreeBSD: (Multiple Advisories) (CVE-2024-9123): electron31 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/25/2024 Created 10/03/2024 Added 10/02/2024 Modified 01/28/2025 Description Integer overflow in Skia in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron31 freebsd-upgrade-package-qt5-webengine freebsd-upgrade-package-qt6-webengine freebsd-upgrade-package-ungoogled-chromium References CVE-2024-9123

FreeBSD: (Multiple Advisories) (CVE-2024-9121): electron31 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/25/2024 Created 10/03/2024 Added 10/02/2024 Modified 01/28/2025 Description Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron31 freebsd-upgrade-package-ungoogled-chromium References CVE-2024-9121

Microsoft Edge Chromium: CVE-2024-9121 Inappropriate implementation in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/25/2024 Created 09/28/2024 Added 09/27/2024 Modified 01/28/2025 Description Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-9121 CVE - 2024-9121 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-9121

WordPress TI WooCommerce Wishlist SQL Injection (CVE-2024-43917) Disclosed 09/25/2024 Created 10/31/2024 Description The TI WooCommerce Wishlist plugin <= 2.8.2 is vulnerable to an unauthenticated SQL injection, allowing attackers to retrieve sensitive information. Author(s) Rafie Muhammad Valentin Lobstein Development Source Code History

Google Chrome Vulnerability: CVE-2024-9122 Type Confusion in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/25/2024 Created 09/26/2024 Added 09/25/2024 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-9122 CVE - 2024-9122

Cisco Catalyst SD-WAN: CVE-2024-20475: Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability Severity 5 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 09/25/2024 Created 09/27/2024 Added 09/26/2024 Modified 09/26/2024 Description A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface. Solution(s) cisco-catalyst-sdwan-update-latest References https://attackerkb.com/topics/cve-2024-20475 CVE - 2024-20475 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd cisco-sa-sdwan-xss-zQ4KPvYd

Debian: CVE-2024-7022: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:P) Published 09/25/2024 Created 09/26/2024 Added 09/25/2024 Modified 01/28/2025 Description Uninitialized Use in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-7022 CVE - 2024-7022 DSA-5648-1

Google Chrome Vulnerability: CVE-2024-9121 Inappropriate implementation in V8 Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/25/2024 Created 09/26/2024 Added 09/25/2024 Modified 01/28/2025 Description Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Solution(s) google-chrome-upgrade-latest References https://attackerkb.com/topics/cve-2024-9121 CVE - 2024-9121

Debian: CVE-2024-38286: tomcat10, tomcat9 -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/25/2024 Created 09/26/2024 Added 09/25/2024 Modified 02/14/2025 Description Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M20, from 10.1.0-M1 through 10.1.24, from 9.0.13 through 9.0.89. Older, unsupported versions may also be affected. Users are recommended to upgrade to version 11.0.0-M21, 10.1.25, or 9.0.90, which fixes the issue. Apache Tomcat, under certain configurations on any platform, allows an attacker to cause an OutOfMemoryError by abusing the TLS handshake process. Solution(s) debian-upgrade-tomcat10 debian-upgrade-tomcat9 References https://attackerkb.com/topics/cve-2024-38286 CVE - 2024-38286 DLA-4017-1 DSA-5845-1

Cisco XE: CVE-2024-20433: Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/25/2024 Created 09/27/2024 Added 09/26/2024 Modified 02/11/2025 Description A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow when processing crafted RSVP packets. An attacker could exploit this vulnerability by sending RSVP traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Solution(s) cisco-xe-update-latest References https://attackerkb.com/topics/cve-2024-20433 CVE - 2024-20433 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rsvp-dos-OypvgVZf cisco-sa-rsvp-dos-OypvgVZf

Debian: CVE-2024-9121: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/25/2024 Created 10/01/2024 Added 09/30/2024 Modified 01/28/2025 Description Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-9121 CVE - 2024-9121 DSA-5775-1

Cisco XE: CVE-2024-20414: Cisco IOS and IOS XE Software Web UI Cross-Site Request Forgery Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/25/2024 Created 09/27/2024 Added 09/26/2024 Modified 02/11/2025 Description A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration changes through the HTTP GET method. An attacker could exploit this vulnerability by persuading a currently authenticated administrator to follow a crafted link. A successful exploit could allow the attacker to change the configuration of the affected device. Solution(s) cisco-xe-update-latest References https://attackerkb.com/topics/cve-2024-20414 CVE - 2024-20414 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-webui-HfwnRgk cisco-sa-ios-webui-HfwnRgk

Debian: CVE-2022-48945: linux -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 09/25/2024 Created 09/26/2024 Added 09/25/2024 Modified 09/26/2024 Description In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 #PF: supervisor write access in kernel mode #PF: error_code(0x0002) - not-present page PGD 100000067 P4D 100000067 PUD 10015f067 PMD 1121ca067 PTE 0 Oops: 0002 [#1] PREEMPT SMP CPU: 0 PID: 23489 Comm: vivid-000-vid-c Not tainted 6.1.0-rc1+ #512 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 RIP: 0010:memcpy_erms+0x6/0x10 [...] Call Trace: <TASK> ? tpg_fill_plane_buffer+0x856/0x15b0 vivid_fillbuff+0x8ac/0x1110 vivid_thread_vid_cap_tick+0x361/0xc90 vivid_thread_vid_cap+0x21a/0x3a0 kthread+0x143/0x180 ret_from_fork+0x1f/0x30 </TASK> This is because we forget to check boundary after adjust compose->height int V4L2_SEL_TGT_CROP case. Add v4l2_rect_map_inside() to fix this problem for this case. Solution(s) debian-upgrade-linux References https://attackerkb.com/topics/cve-2022-48945 CVE - 2022-48945

Oracle Linux: CVE-2024-44187: ELSA-2024-8180:webkit2gtk3 security update (IMPORTANT) (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:C/I:N/A:N) Published 09/25/2024 Created 10/24/2024 Added 10/16/2024 Modified 01/16/2025 Description A cross-origin issue existed with &quot;iframe&quot; elements. This was addressed with improved tracking of security origins. This issue is fixed in Safari 18, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. A malicious website may exfiltrate data cross-origin. A vulnerability was found in WebKit. This flaw allows a remote attacker to exfiltrate data cross-origin by convincing a victim to visit a specially crafted website, which results in obtaining sensitive information. Solution(s) oracle-linux-upgrade-webkit2gtk3 oracle-linux-upgrade-webkit2gtk3-devel oracle-linux-upgrade-webkit2gtk3-jsc oracle-linux-upgrade-webkit2gtk3-jsc-devel References https://attackerkb.com/topics/cve-2024-44187 CVE - 2024-44187 ELSA-2024-8180 ELSA-2024-9636 ELSA-2024-9553

Cisco XE: CVE-2024-20510: Cisco IOS XE Softwarefor Wireless Controllers CWA Pre-Authentication ACL Bypass Vulnerability Severity 3 CVSS (AV:A/AC:L/Au:N/C:N/I:P/A:N) Published 09/25/2024 Created 09/27/2024 Added 09/26/2024 Modified 02/11/2025 Description A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication access control list (ACL), which could allow access to network resources before user authentication. This vulnerability is due to a logic error when activating the pre-authentication ACL that is received from the authentication, authorization, and accounting (AAA) server. An attacker could exploit this vulnerability by connecting to a wireless network that is configured for CWA and sending traffic through an affected device that should be denied by the configured ACL before user authentication. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device before the user authentication is completed, allowing the attacker to access trusted networks that the device might be protecting. Solution(s) cisco-xe-update-latest References https://attackerkb.com/topics/cve-2024-20510 CVE - 2024-20510 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c9800-cwa-acl-nPSbHSnA cisco-sa-c9800-cwa-acl-nPSbHSnA

Cisco IOS: CVE-2024-20465: Cisco IOS Software on Cisco Industrial Ethernet Series Switches Access Control List Bypass Vulnerability Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 09/25/2024 Created 09/27/2024 Added 09/26/2024 Modified 09/26/2024 Description A vulnerability in the access control list (ACL) programming of Cisco IOS Software running on Cisco Industrial Ethernet 4000, 4010, and 5000 Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the incorrect handling of IPv4 ACLs on switched virtual interfaces when an administrator enables and disables Resilient Ethernet Protocol (REP). An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device. Solution(s) cisco-ios-upgrade-latest References https://attackerkb.com/topics/cve-2024-20465 CVE - 2024-20465 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-repacl-9eXgnBpD cisco-sa-repacl-9eXgnBpD

Cisco IOS: CVE-2024-20433: Cisco IOS and IOS XE Software Resource Reservation Protocol Denial of Service Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/25/2024 Created 09/27/2024 Added 09/26/2024 Modified 02/14/2025 Description A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow when processing crafted RSVP packets. An attacker could exploit this vulnerability by sending RSVP traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Solution(s) cisco-ios-upgrade-latest References https://attackerkb.com/topics/cve-2024-20433 CVE - 2024-20433 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rsvp-dos-OypvgVZf cisco-sa-rsvp-dos-OypvgVZf

Cisco IOS: CVE-2024-20414: Cisco IOS and IOS XE Software Web UI Cross-Site Request Forgery Vulnerability Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:C/A:N) Published 09/25/2024 Created 09/27/2024 Added 09/26/2024 Modified 01/22/2025 Description A vulnerability in the web UI feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system through the web UI. This vulnerability is due to incorrectly accepting configuration changes through the HTTP GET method. An attacker could exploit this vulnerability by persuading a currently authenticated administrator to follow a crafted link. A successful exploit could allow the attacker to change the configuration of the affected device. Solution(s) cisco-ios-upgrade-latest References https://attackerkb.com/topics/cve-2024-20414 CVE - 2024-20414 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-webui-HfwnRgk cisco-sa-ios-webui-HfwnRgk

FreeBSD: (Multiple Advisories) (CVE-2024-9122): electron31 -- multiple vulnerabilities Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/25/2024 Created 10/03/2024 Added 10/02/2024 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 129.0.6668.70 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Solution(s) freebsd-upgrade-package-chromium freebsd-upgrade-package-electron31 freebsd-upgrade-package-qt6-webengine freebsd-upgrade-package-ungoogled-chromium References CVE-2024-9122

FreeBSD: VID-4B7ED61F-7BBF-11EF-9369-2CF05DA270F3 (CVE-2024-4278): Gitlab -- vulnerabilities Severity 3 CVSS (AV:N/AC:L/Au:M/C:P/I:N/A:N) Published 09/25/2024 Created 09/28/2024 Added 09/27/2024 Modified 01/28/2025 Description An information disclosure issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. A maintainer could obtain a Dependency Proxy password by editing a certain Dependency Proxy setting. Solution(s) freebsd-upgrade-package-gitlab-ce freebsd-upgrade-package-gitlab-ee References CVE-2024-4278