ISHACK AI BOT

Aruba AOS-10: CVE-2024-31481: Unauthenticated Denial-of-Service (DoS) Vulnerabilities in CLI Service Accessed via the PAPI Protocol Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 05/14/2024 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service. Solution(s) aruba-aos-10-cve-2024-31481 References https://attackerkb.com/topics/cve-2024-31481 CVE - 2024-31481 https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_2024-006.json

Alma Linux: CVE-2024-3044: Moderate: libreoffice security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 07/09/2024 Added 07/09/2024 Modified 11/14/2024 Description Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted. Solution(s) alma-upgrade-autocorr-af alma-upgrade-autocorr-bg alma-upgrade-autocorr-ca alma-upgrade-autocorr-cs alma-upgrade-autocorr-da alma-upgrade-autocorr-de alma-upgrade-autocorr-dsb alma-upgrade-autocorr-el alma-upgrade-autocorr-en alma-upgrade-autocorr-es alma-upgrade-autocorr-fa alma-upgrade-autocorr-fi alma-upgrade-autocorr-fr alma-upgrade-autocorr-ga alma-upgrade-autocorr-hr alma-upgrade-autocorr-hsb alma-upgrade-autocorr-hu alma-upgrade-autocorr-is alma-upgrade-autocorr-it alma-upgrade-autocorr-ja alma-upgrade-autocorr-ko alma-upgrade-autocorr-lb alma-upgrade-autocorr-lt alma-upgrade-autocorr-mn alma-upgrade-autocorr-nl alma-upgrade-autocorr-pl alma-upgrade-autocorr-pt alma-upgrade-autocorr-ro alma-upgrade-autocorr-ru alma-upgrade-autocorr-sk alma-upgrade-autocorr-sl alma-upgrade-autocorr-sr alma-upgrade-autocorr-sv alma-upgrade-autocorr-tr alma-upgrade-autocorr-vi alma-upgrade-autocorr-vro alma-upgrade-autocorr-zh alma-upgrade-libreoffice alma-upgrade-libreoffice-base alma-upgrade-libreoffice-calc alma-upgrade-libreoffice-core alma-upgrade-libreoffice-data alma-upgrade-libreoffice-draw alma-upgrade-libreoffice-emailmerge alma-upgrade-libreoffice-filters alma-upgrade-libreoffice-gdb-debug-support alma-upgrade-libreoffice-graphicfilter alma-upgrade-libreoffice-gtk3 alma-upgrade-libreoffice-help-ar alma-upgrade-libreoffice-help-bg alma-upgrade-libreoffice-help-bn alma-upgrade-libreoffice-help-ca alma-upgrade-libreoffice-help-cs alma-upgrade-libreoffice-help-da alma-upgrade-libreoffice-help-de alma-upgrade-libreoffice-help-dz alma-upgrade-libreoffice-help-el alma-upgrade-libreoffice-help-en alma-upgrade-libreoffice-help-eo alma-upgrade-libreoffice-help-es alma-upgrade-libreoffice-help-et alma-upgrade-libreoffice-help-eu alma-upgrade-libreoffice-help-fi alma-upgrade-libreoffice-help-fr alma-upgrade-libreoffice-help-gl alma-upgrade-libreoffice-help-gu alma-upgrade-libreoffice-help-he alma-upgrade-libreoffice-help-hi alma-upgrade-libreoffice-help-hr alma-upgrade-libreoffice-help-hu alma-upgrade-libreoffice-help-id alma-upgrade-libreoffice-help-it alma-upgrade-libreoffice-help-ja alma-upgrade-libreoffice-help-ko alma-upgrade-libreoffice-help-lt alma-upgrade-libreoffice-help-lv alma-upgrade-libreoffice-help-nb alma-upgrade-libreoffice-help-nl alma-upgrade-libreoffice-help-nn alma-upgrade-libreoffice-help-pl alma-upgrade-libreoffice-help-pt-br alma-upgrade-libreoffice-help-pt-pt alma-upgrade-libreoffice-help-ro alma-upgrade-libreoffice-help-ru alma-upgrade-libreoffice-help-si alma-upgrade-libreoffice-help-sk alma-upgrade-libreoffice-help-sl alma-upgrade-libreoffice-help-sv alma-upgrade-libreoffice-help-ta alma-upgrade-libreoffice-help-tr alma-upgrade-libreoffice-help-uk alma-upgrade-libreoffice-help-zh-hans alma-upgrade-libreoffice-help-zh-hant alma-upgrade-libreoffice-impress alma-upgrade-libreoffice-langpack-af alma-upgrade-libreoffice-langpack-ar alma-upgrade-libreoffice-langpack-as alma-upgrade-libreoffice-langpack-bg alma-upgrade-libreoffice-langpack-bn alma-upgrade-libreoffice-langpack-br alma-upgrade-libreoffice-langpack-ca alma-upgrade-libreoffice-langpack-cs alma-upgrade-libreoffice-langpack-cy alma-upgrade-libreoffice-langpack-da alma-upgrade-libreoffice-langpack-de alma-upgrade-libreoffice-langpack-dz alma-upgrade-libreoffice-langpack-el alma-upgrade-libreoffice-langpack-en alma-upgrade-libreoffice-langpack-eo alma-upgrade-libreoffice-langpack-es alma-upgrade-libreoffice-langpack-et alma-upgrade-libreoffice-langpack-eu alma-upgrade-libreoffice-langpack-fa alma-upgrade-libreoffice-langpack-fi alma-upgrade-libreoffice-langpack-fr alma-upgrade-libreoffice-langpack-fy alma-upgrade-libreoffice-langpack-ga alma-upgrade-libreoffice-langpack-gl alma-upgrade-libreoffice-langpack-gu alma-upgrade-libreoffice-langpack-he alma-upgrade-libreoffice-langpack-hi alma-upgrade-libreoffice-langpack-hr alma-upgrade-libreoffice-langpack-hu alma-upgrade-libreoffice-langpack-id alma-upgrade-libreoffice-langpack-it alma-upgrade-libreoffice-langpack-ja alma-upgrade-libreoffice-langpack-kk alma-upgrade-libreoffice-langpack-kn alma-upgrade-libreoffice-langpack-ko alma-upgrade-libreoffice-langpack-lt alma-upgrade-libreoffice-langpack-lv alma-upgrade-libreoffice-langpack-mai alma-upgrade-libreoffice-langpack-ml alma-upgrade-libreoffice-langpack-mr alma-upgrade-libreoffice-langpack-nb alma-upgrade-libreoffice-langpack-nl alma-upgrade-libreoffice-langpack-nn alma-upgrade-libreoffice-langpack-nr alma-upgrade-libreoffice-langpack-nso alma-upgrade-libreoffice-langpack-or alma-upgrade-libreoffice-langpack-pa alma-upgrade-libreoffice-langpack-pl alma-upgrade-libreoffice-langpack-pt-br alma-upgrade-libreoffice-langpack-pt-pt alma-upgrade-libreoffice-langpack-ro alma-upgrade-libreoffice-langpack-ru alma-upgrade-libreoffice-langpack-si alma-upgrade-libreoffice-langpack-sk alma-upgrade-libreoffice-langpack-sl alma-upgrade-libreoffice-langpack-sr alma-upgrade-libreoffice-langpack-ss alma-upgrade-libreoffice-langpack-st alma-upgrade-libreoffice-langpack-sv alma-upgrade-libreoffice-langpack-ta alma-upgrade-libreoffice-langpack-te alma-upgrade-libreoffice-langpack-th alma-upgrade-libreoffice-langpack-tn alma-upgrade-libreoffice-langpack-tr alma-upgrade-libreoffice-langpack-ts alma-upgrade-libreoffice-langpack-uk alma-upgrade-libreoffice-langpack-ve alma-upgrade-libreoffice-langpack-xh alma-upgrade-libreoffice-langpack-zh-hans alma-upgrade-libreoffice-langpack-zh-hant alma-upgrade-libreoffice-langpack-zu alma-upgrade-libreoffice-math alma-upgrade-libreoffice-ogltrans alma-upgrade-libreoffice-opensymbol-fonts alma-upgrade-libreoffice-pdfimport alma-upgrade-libreoffice-pyuno alma-upgrade-libreoffice-sdk alma-upgrade-libreoffice-sdk-doc alma-upgrade-libreoffice-ure alma-upgrade-libreoffice-ure-common alma-upgrade-libreoffice-wiki-publisher alma-upgrade-libreoffice-writer alma-upgrade-libreoffice-x11 alma-upgrade-libreoffice-xsltfilter alma-upgrade-libreofficekit References https://attackerkb.com/topics/cve-2024-3044 CVE - 2024-3044 https://errata.almalinux.org/8/ALSA-2024-4242.html https://errata.almalinux.org/9/ALSA-2024-4755.html

MFSA2024-21 Firefox: Security Vulnerabilities fixed in Firefox 126 (CVE-2024-10941) Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 05/14/2024 Created 11/08/2024 Added 11/07/2024 Modified 01/28/2025 Description A malicious website could have included an iframe with an malformed URI resulting in a non-exploitable browser crash. This vulnerability affects Firefox < 126. Solution(s) mozilla-firefox-upgrade-126_0 References https://attackerkb.com/topics/cve-2024-10941 CVE - 2024-10941 http://www.mozilla.org/security/announce/2024/mfsa2024-21.html

MFSA2024-21 Firefox: Security Vulnerabilities fixed in Firefox 126 (CVE-2024-4770) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 05/16/2024 Description When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) mozilla-firefox-upgrade-126_0 References https://attackerkb.com/topics/cve-2024-4770 CVE - 2024-4770 http://www.mozilla.org/security/announce/2024/mfsa2024-21.html

Microsoft Windows: CVE-2024-30000: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 08/13/2024 Description Windows Mobile Broadband Driver Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 References https://attackerkb.com/topics/cve-2024-30000 CVE - 2024-30000 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 View more

OS X update for AppleMobileFileIntegrity (CVE-2024-27816) Severity 5 CVSS (AV:L/AC:M/Au:N/C:C/I:N/A:N) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 01/28/2025 Description A logic issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker may be able to access user data. Solution(s) apple-osx-upgrade-14_5 References https://attackerkb.com/topics/cve-2024-27816 CVE - 2024-27816 https://support.apple.com/en-us/120903

Aruba AOS-10: CVE-2024-31469: Unauthenticated Buffer Overflow Vulnerabilities in Central Communications Service Accessed by the PAPI Protocol Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. Solution(s) aruba-aos-10-cve-2024-31469 References https://attackerkb.com/topics/cve-2024-31469 CVE - 2024-31469 https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_2024-006.json

VMware Photon OS: CVE-2024-32004 Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, an attacker can prepare a local repository in such a way that, when cloned, will execute arbitrary code during the operation. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid cloning repositories from untrusted sources. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-32004 CVE - 2024-32004

VMware Photon OS: CVE-2024-32465 Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Git is a revision control system. The Git project recommends to avoid working in untrusted repositories, and instead to clone it first with `git clone --no-local` to obtain a clean copy. Git has specific protections to make that a safe operation even with an untrusted source repository, but vulnerabilities allow those protections to be bypassed. In the context of cloning local repositories owned by other users, this vulnerability has been covered in CVE-2024-32004. But there are circumstances where the fixes for CVE-2024-32004 are not enough: For example, when obtaining a `.zip` file containing a full copy of a Git repository, it should not be trusted by default to be safe, as e.g. hooks could be configured to run within the context of that repository. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. As a workaround, avoid using Git in repositories that have been obtained via archives from untrusted sources. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2024-32465 CVE - 2024-32465

Alma Linux: CVE-2024-4767: Moderate: firefox security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/22/2024 Added 05/22/2024 Modified 09/18/2024 Description If the `browser.privatebrowsing.autostart` preference is enabled, IndexedDB files were not properly deleted when the window was closed. This preference is disabled by default in Firefox. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11. Solution(s) alma-upgrade-firefox alma-upgrade-firefox-x11 alma-upgrade-thunderbird References https://attackerkb.com/topics/cve-2024-4767 CVE - 2024-4767 https://errata.almalinux.org/8/ALSA-2024-3783.html https://errata.almalinux.org/8/ALSA-2024-3784.html https://errata.almalinux.org/9/ALSA-2024-2883.html https://errata.almalinux.org/9/ALSA-2024-2888.html

Microsoft Windows: CVE-2024-30003: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 08/13/2024 Description Windows Mobile Broadband Driver Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 References https://attackerkb.com/topics/cve-2024-30003 CVE - 2024-30003 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 View more

SUSE: CVE-2024-3727: SUSE Linux Security Advisory Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 05/31/2024 Added 05/30/2024 Modified 02/12/2025 Description A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. Solution(s) suse-upgrade-apptainer suse-upgrade-apptainer-leap suse-upgrade-apptainer-sle15_5 suse-upgrade-apptainer-sle15_6 suse-upgrade-buildah suse-upgrade-containerized-data-importer-api suse-upgrade-containerized-data-importer-cloner suse-upgrade-containerized-data-importer-controller suse-upgrade-containerized-data-importer-importer suse-upgrade-containerized-data-importer-manifests suse-upgrade-containerized-data-importer-operator suse-upgrade-containerized-data-importer-uploadproxy suse-upgrade-containerized-data-importer-uploadserver suse-upgrade-docker suse-upgrade-docker-bash-completion suse-upgrade-docker-fish-completion suse-upgrade-docker-rootless-extras suse-upgrade-docker-zsh-completion suse-upgrade-govulncheck-vulndb suse-upgrade-libsquashfuse0 suse-upgrade-obs-service-cdi_containers_meta suse-upgrade-podman suse-upgrade-podman-cni-config suse-upgrade-podman-docker suse-upgrade-podman-remote suse-upgrade-podmansh suse-upgrade-skopeo suse-upgrade-skopeo-bash-completion suse-upgrade-skopeo-fish-completion suse-upgrade-skopeo-zsh-completion suse-upgrade-squashfuse suse-upgrade-squashfuse-devel suse-upgrade-squashfuse-tools suse-upgrade-warewulf4 suse-upgrade-warewulf4-man suse-upgrade-warewulf4-overlay suse-upgrade-warewulf4-overlay-slurm References https://attackerkb.com/topics/cve-2024-3727 CVE - 2024-3727

Adobe Animate: CVE-2024-30295: Security updates available for Adobe Animate (APSB24-36) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 01/08/2025 Description Adobe has released an update for Adobe Animate. This update resolves critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-animate-upgrade-latest References https://attackerkb.com/topics/cve-2024-30295 CVE - 2024-30295 https://helpx.adobe.com/security/products/animate/apsb24-36.html

Adobe Animate: CVE-2024-30298: Security updates available for Adobe Animate (APSB24-36) Severity 5 CVSS (AV:L/AC:L/Au:N/C:C/I:N/A:N) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 01/08/2025 Description Adobe has released an update for Adobe Animate. This update resolves critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-animate-upgrade-latest References https://attackerkb.com/topics/cve-2024-30298 CVE - 2024-30298 https://helpx.adobe.com/security/products/animate/apsb24-36.html

SUSE: CVE-2024-27395: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/14/2024 Created 06/14/2024 Added 06/13/2024 Modified 01/28/2025 Description In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible that the RCU grace period will pass during the traversal and the key will be free. To prevent this, it should be changed to hlist_for_each_entry_safe. Solution(s) suse-upgrade-cluster-md-kmp-64kb suse-upgrade-cluster-md-kmp-azure suse-upgrade-cluster-md-kmp-default suse-upgrade-cluster-md-kmp-rt suse-upgrade-dlm-kmp-64kb suse-upgrade-dlm-kmp-azure suse-upgrade-dlm-kmp-default suse-upgrade-dlm-kmp-rt suse-upgrade-dtb-allwinner suse-upgrade-dtb-altera suse-upgrade-dtb-amazon suse-upgrade-dtb-amd suse-upgrade-dtb-amlogic suse-upgrade-dtb-apm suse-upgrade-dtb-apple suse-upgrade-dtb-arm suse-upgrade-dtb-broadcom suse-upgrade-dtb-cavium suse-upgrade-dtb-exynos suse-upgrade-dtb-freescale suse-upgrade-dtb-hisilicon suse-upgrade-dtb-lg suse-upgrade-dtb-marvell suse-upgrade-dtb-mediatek suse-upgrade-dtb-nvidia suse-upgrade-dtb-qcom suse-upgrade-dtb-renesas suse-upgrade-dtb-rockchip suse-upgrade-dtb-socionext suse-upgrade-dtb-sprd suse-upgrade-dtb-xilinx suse-upgrade-gfs2-kmp-64kb suse-upgrade-gfs2-kmp-azure suse-upgrade-gfs2-kmp-default suse-upgrade-gfs2-kmp-rt suse-upgrade-kernel-64kb suse-upgrade-kernel-64kb-devel suse-upgrade-kernel-64kb-extra suse-upgrade-kernel-64kb-livepatch-devel suse-upgrade-kernel-64kb-optional suse-upgrade-kernel-azure suse-upgrade-kernel-azure-devel suse-upgrade-kernel-azure-extra suse-upgrade-kernel-azure-livepatch-devel suse-upgrade-kernel-azure-optional suse-upgrade-kernel-azure-vdso suse-upgrade-kernel-debug suse-upgrade-kernel-debug-devel suse-upgrade-kernel-debug-livepatch-devel suse-upgrade-kernel-debug-vdso suse-upgrade-kernel-default suse-upgrade-kernel-default-base suse-upgrade-kernel-default-base-rebuild suse-upgrade-kernel-default-devel suse-upgrade-kernel-default-extra suse-upgrade-kernel-default-livepatch suse-upgrade-kernel-default-livepatch-devel suse-upgrade-kernel-default-optional suse-upgrade-kernel-default-vdso suse-upgrade-kernel-devel suse-upgrade-kernel-devel-azure suse-upgrade-kernel-devel-rt suse-upgrade-kernel-docs suse-upgrade-kernel-docs-html suse-upgrade-kernel-kvmsmall suse-upgrade-kernel-kvmsmall-devel suse-upgrade-kernel-kvmsmall-livepatch-devel suse-upgrade-kernel-kvmsmall-vdso suse-upgrade-kernel-macros suse-upgrade-kernel-obs-build suse-upgrade-kernel-obs-qa suse-upgrade-kernel-rt suse-upgrade-kernel-rt-devel suse-upgrade-kernel-rt-extra suse-upgrade-kernel-rt-livepatch suse-upgrade-kernel-rt-livepatch-devel suse-upgrade-kernel-rt-optional suse-upgrade-kernel-rt-vdso suse-upgrade-kernel-rt_debug suse-upgrade-kernel-rt_debug-devel suse-upgrade-kernel-rt_debug-livepatch-devel suse-upgrade-kernel-rt_debug-vdso suse-upgrade-kernel-source suse-upgrade-kernel-source-azure suse-upgrade-kernel-source-rt suse-upgrade-kernel-source-vanilla suse-upgrade-kernel-syms suse-upgrade-kernel-syms-azure suse-upgrade-kernel-syms-rt suse-upgrade-kernel-zfcpdump suse-upgrade-kselftests-kmp-64kb suse-upgrade-kselftests-kmp-azure suse-upgrade-kselftests-kmp-default suse-upgrade-kselftests-kmp-rt suse-upgrade-ocfs2-kmp-64kb suse-upgrade-ocfs2-kmp-azure suse-upgrade-ocfs2-kmp-default suse-upgrade-ocfs2-kmp-rt suse-upgrade-reiserfs-kmp-64kb suse-upgrade-reiserfs-kmp-azure suse-upgrade-reiserfs-kmp-default suse-upgrade-reiserfs-kmp-rt References https://attackerkb.com/topics/cve-2024-27395 CVE - 2024-27395

Adobe Animate: CVE-2024-30282: Security updates available for Adobe Animate (APSB24-36) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/15/2024 Modified 01/08/2025 Description Adobe has released an update for Adobe Animate. This update resolves critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Solution(s) adobe-animate-upgrade-latest References https://attackerkb.com/topics/cve-2024-30282 CVE - 2024-30282 https://helpx.adobe.com/security/products/animate/apsb24-36.html

Ubuntu: (Multiple Advisories) (CVE-2023-52656): Linux kernel vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 05/14/2024 Created 07/02/2024 Added 07/01/2024 Modified 07/29/2024 Description In the Linux kernel, the following vulnerability has been resolved: io_uring: drop any code related to SCM_RIGHTS This is dead code after we dropped support for passing io_uring fds over SCM_RIGHTS, get rid of it. Solution(s) ubuntu-upgrade-linux-image-5-15-0-1030-xilinx-zynqmp ubuntu-upgrade-linux-image-5-15-0-1046-gkeop ubuntu-upgrade-linux-image-5-15-0-1056-ibm ubuntu-upgrade-linux-image-5-15-0-1057-ibm ubuntu-upgrade-linux-image-5-15-0-1058-intel-iotg ubuntu-upgrade-linux-image-5-15-0-1058-nvidia ubuntu-upgrade-linux-image-5-15-0-1058-nvidia-lowlatency ubuntu-upgrade-linux-image-5-15-0-1058-raspi ubuntu-upgrade-linux-image-5-15-0-1060-gke ubuntu-upgrade-linux-image-5-15-0-1060-kvm ubuntu-upgrade-linux-image-5-15-0-1061-oracle ubuntu-upgrade-linux-image-5-15-0-1062-gcp ubuntu-upgrade-linux-image-5-15-0-1063-aws ubuntu-upgrade-linux-image-5-15-0-1065-azure-fde ubuntu-upgrade-linux-image-5-15-0-1066-azure ubuntu-upgrade-linux-image-5-15-0-110-lowlatency ubuntu-upgrade-linux-image-5-15-0-110-lowlatency-64k ubuntu-upgrade-linux-image-5-15-0-112-generic ubuntu-upgrade-linux-image-5-15-0-112-generic-64k ubuntu-upgrade-linux-image-5-15-0-112-generic-lpae ubuntu-upgrade-linux-image-5-15-0-113-generic ubuntu-upgrade-linux-image-5-15-0-113-generic-64k ubuntu-upgrade-linux-image-5-15-0-113-generic-lpae ubuntu-upgrade-linux-image-5-4-0-1040-iot ubuntu-upgrade-linux-image-5-4-0-1047-xilinx-zynqmp ubuntu-upgrade-linux-image-5-4-0-1075-ibm ubuntu-upgrade-linux-image-5-4-0-1088-bluefield ubuntu-upgrade-linux-image-5-4-0-1095-gkeop ubuntu-upgrade-linux-image-5-4-0-1112-raspi ubuntu-upgrade-linux-image-5-4-0-1116-kvm ubuntu-upgrade-linux-image-5-4-0-1127-oracle ubuntu-upgrade-linux-image-5-4-0-1128-aws ubuntu-upgrade-linux-image-5-4-0-1132-gcp ubuntu-upgrade-linux-image-5-4-0-1133-azure ubuntu-upgrade-linux-image-5-4-0-189-generic ubuntu-upgrade-linux-image-5-4-0-189-generic-lpae ubuntu-upgrade-linux-image-5-4-0-189-lowlatency ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-aws-lts-22-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-fde-lts-22-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-azure-lts-22-04 ubuntu-upgrade-linux-image-bluefield ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-gcp-lts-22-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-15 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-15 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-ibm ubuntu-upgrade-linux-image-ibm-lts-20-04 ubuntu-upgrade-linux-image-intel ubuntu-upgrade-linux-image-intel-iotg ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-64k ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04 ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-nvidia ubuntu-upgrade-linux-image-nvidia-lowlatency ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-20-04c ubuntu-upgrade-linux-image-oem-20-04d ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-oracle-lts-22-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-linux-image-xilinx-zynqmp References https://attackerkb.com/topics/cve-2023-52656 CVE - 2023-52656 USN-6820-1 USN-6820-2 USN-6821-1 USN-6821-2 USN-6821-3 USN-6821-4 USN-6828-1 USN-6871-1 USN-6892-1 USN-6896-1 USN-6896-2 USN-6896-3 USN-6896-4 USN-6896-5 USN-6919-1 View more

Microsoft Windows: CVE-2024-29996: Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 09/06/2024 Description Windows Common Log File System Driver Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5037788 microsoft-windows-windows_10-1607-kb5037763 microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2012-kb5037778 microsoft-windows-windows_server_2012_r2-kb5037823 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 msft-kb5037803-917baaff-bfb9-4b2f-b561-fb28357ada5f msft-kb5037836-9a6e4267-ddba-4af3-ae7b-b4bc66fd6601 msft-kb5037836-e81d6341-a6bf-46d2-8b19-4b1e9f89480e References https://attackerkb.com/topics/cve-2024-29996 CVE - 2024-29996 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037778 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037788 https://support.microsoft.com/help/5037823 View more

Microsoft Windows: CVE-2024-29997: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 08/13/2024 Description Windows Mobile Broadband Driver Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 References https://attackerkb.com/topics/cve-2024-29997 CVE - 2024-29997 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 View more

Microsoft Windows: CVE-2024-30022: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 09/06/2024 Description Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5037788 microsoft-windows-windows_10-1607-kb5037763 microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2012-kb5037778 microsoft-windows-windows_server_2012_r2-kb5037823 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 msft-kb5037803-917baaff-bfb9-4b2f-b561-fb28357ada5f msft-kb5037836-9a6e4267-ddba-4af3-ae7b-b4bc66fd6601 msft-kb5037836-e81d6341-a6bf-46d2-8b19-4b1e9f89480e References https://attackerkb.com/topics/cve-2024-30022 CVE - 2024-30022 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037778 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037788 https://support.microsoft.com/help/5037823 View more

Microsoft Windows: CVE-2024-30024: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Severity 8 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 09/06/2024 Description Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5037788 microsoft-windows-windows_10-1607-kb5037763 microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2012-kb5037778 microsoft-windows-windows_server_2012_r2-kb5037823 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 msft-kb5037803-917baaff-bfb9-4b2f-b561-fb28357ada5f msft-kb5037836-9a6e4267-ddba-4af3-ae7b-b4bc66fd6601 msft-kb5037836-e81d6341-a6bf-46d2-8b19-4b1e9f89480e References https://attackerkb.com/topics/cve-2024-30024 CVE - 2024-30024 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037778 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037788 https://support.microsoft.com/help/5037823 View more

Microsoft Windows: CVE-2024-30036: Windows Deployment Services Information Disclosure Vulnerability Severity 7 CVSS (AV:N/AC:L/Au:S/C:C/I:N/A:N) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 09/06/2024 Description Windows Deployment Services Information Disclosure Vulnerability Solution(s) microsoft-windows-windows_server_2012-kb5037778 microsoft-windows-windows_server_2012_r2-kb5037823 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 msft-kb5037803-917baaff-bfb9-4b2f-b561-fb28357ada5f msft-kb5037836-9a6e4267-ddba-4af3-ae7b-b4bc66fd6601 msft-kb5037836-e81d6341-a6bf-46d2-8b19-4b1e9f89480e References https://attackerkb.com/topics/cve-2024-30036 CVE - 2024-30036 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037778 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037823

Microsoft Windows: CVE-2024-30027: NTFS Elevation of Privilege Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 09/06/2024 Description NTFS Elevation of Privilege Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5037788 microsoft-windows-windows_10-1607-kb5037763 microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2012-kb5037778 microsoft-windows-windows_server_2012_r2-kb5037823 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 msft-kb5037803-917baaff-bfb9-4b2f-b561-fb28357ada5f msft-kb5037836-9a6e4267-ddba-4af3-ae7b-b4bc66fd6601 msft-kb5037836-e81d6341-a6bf-46d2-8b19-4b1e9f89480e References https://attackerkb.com/topics/cve-2024-30027 CVE - 2024-30027 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037778 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037788 https://support.microsoft.com/help/5037823 View more

Microsoft Windows: CVE-2024-30021: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 08/13/2024 Description Windows Mobile Broadband Driver Remote Code Execution Vulnerability Solution(s) microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 References https://attackerkb.com/topics/cve-2024-30021 CVE - 2024-30021 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 View more

Microsoft Windows: CVE-2024-30040: Windows MSHTML Platform Security Feature Bypass Vulnerability Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 05/14/2024 Created 05/15/2024 Added 05/14/2024 Modified 08/13/2024 Description Windows MSHTML Platform Security Feature Bypass Vulnerability Solution(s) microsoft-windows-windows_10-1507-kb5037788 microsoft-windows-windows_10-1607-kb5037763 microsoft-windows-windows_10-1809-kb5037765 microsoft-windows-windows_10-21h2-kb5037768 microsoft-windows-windows_10-22h2-kb5037768 microsoft-windows-windows_11-21h2-kb5037770 microsoft-windows-windows_11-22h2-kb5037771 microsoft-windows-windows_11-23h2-kb5037771 microsoft-windows-windows_server_2016-1607-kb5037763 microsoft-windows-windows_server_2019-1809-kb5037765 microsoft-windows-windows_server_2022-21h2-kb5037782 microsoft-windows-windows_server_2022-22h2-kb5037782 microsoft-windows-windows_server_2022-23h2-kb5037781 References https://attackerkb.com/topics/cve-2024-30040 CVE - 2024-30040 https://support.microsoft.com/help/5037763 https://support.microsoft.com/help/5037765 https://support.microsoft.com/help/5037768 https://support.microsoft.com/help/5037770 https://support.microsoft.com/help/5037771 https://support.microsoft.com/help/5037781 https://support.microsoft.com/help/5037782 https://support.microsoft.com/help/5037788 View more