Red Hat Security Advisory 2024-4368-03 - An update for git is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a bypass vulnerability.
25a60124287e5c51161486a45d4332679517842a4a00293c2c328c750681e6e0Red Hat Security Advisory 2024-4367-03 - An update for pki-core is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
93d0755766b74454add64791a7f5efc3c302da7bb6c3ab6ede055d312bbd527cRed Hat Security Advisory 2024-4156-03 - Red Hat OpenShift Container Platform release 4.16.1 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a bypass vulnerability.
901d2d335961305bfd2ccefd855d5807c42c386ca1f4d02f67d6dd99f09ce305Red Hat Security Advisory 2024-4222-03 - An update for pki-core is now available for Red Hat Enterprise Linux 7. Issues addressed include a bypass vulnerability.
f8d8d176451b9ec1f98cdf1d265346562bec499d0810848a04b80dc09fbda85dRed Hat Security Advisory 2024-4151-03 - Red Hat OpenShift Container Platform release 4.15.20 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a bypass vulnerability.
1725f41b688010f04d824a17b676dca08e68d7558f6740364037f6700dfc9c30Red Hat Security Advisory 2024-4179-03 - An update for pki-core is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a bypass vulnerability.
68df5f13f9d757b6ac04834bba0477fac1fd0af6d2271ba5e0b7b182fecbc66eRed Hat Security Advisory 2024-4165-03 - An update for pki-core is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
23d4f1f852e12a4ee019766791f43e4c49c8ff037a47c54ecc229ee7bd11669aRed Hat Security Advisory 2024-4164-03 - An update for pki-core is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Issues addressed include a bypass vulnerability.
17ea5224a8182ec6db41594c1fda90b85038c014e2302ac67bc1dc9619e97837Red Hat Security Advisory 2024-0043-03 - Red Hat build of MicroShift release 4.16.0 is now available with updates to packages and images that include a security update. Issues addressed include a bypass vulnerability.
066804ca4c07407b2518468e5b95583cbef716c0f01317dbe12cc11527a2cc82Red Hat Security Advisory 2024-4084-03 - An update for git is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
da35f00592a179615ef9c587c179a4b4ac5a62e40fd0fe1b807791b52f936db7Red Hat Security Advisory 2024-4083-03 - An update for git is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
b3ade0f25a30dcccb249aebf68b295640e580d10a548596c56a19eedc6b6700eRed Hat Security Advisory 2024-4070-03 - An update for pki-core is now available for Red Hat Certificate System 10.4 for RHEL 8.6. Issues addressed include a bypass vulnerability.
775b77995ec21e0a213bc721c8fcc9624d3f99faab5c41d51e153644dd02c4ceRed Hat Security Advisory 2024-4051-03 - An update for pki-core is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a bypass vulnerability.
8b591a46545d2fc346df180b5df166dcd267d6d13cffe63c0f7ba458e7eff4f4This Metasploit module chains an authentication bypass vulnerability with a deserialization vulnerability to obtain remote code execution against Telerik Report Server versions 10.0.24.130 and below. The authentication bypass flaw allows an unauthenticated user to create a new user with administrative privileges. The USERNAME datastore option can be used to authenticate with an existing account to prevent the creation of a new one. The deserialization flaw works by uploading a specially crafted report that when loaded will execute an OS command as NT AUTHORITY\SYSTEM. The module will automatically delete the created report but not the account because users are unable to delete themselves.
c8284cfa43ce5539a8a2a273491db985cf3ca1e11f9f79a70c88e33e5ddb8d98Apple Security Advisory 05-13-2024-1 - Safari 17.5 addresses a bypass vulnerability.
2145ef1f9493537a3c4e8d716107c80254dc03abc9b3a0f888edb8eb08097effRed Hat Security Advisory 2024-2517-03 - An update for wpa_supplicant is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
8524f45342379f23a28563d69bc1323f5335b59713270fa1753cd0f9a39bd719Flowise version 1.6.5 suffers from an authentication bypass vulnerability.
3e1f90eb3e5b1062684116e0ad3ee800ad56cd0568e9f1d337614220c32d8dbaElber Wayber Analog/Digital Audio STL version 4.00 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the set_pwd endpoint that enables them to overwrite the password of any user within the system. This grants unauthorized and administrative access to protected areas of the application compromising the device's system security.suffers from a bypass vulnerability.
a8be311ea8bd5716cfaf9d9ff03921fd4ed851241b2631c9ed01cc72407d6cd5Elber ESE DVB-S/S2 Satellite Receiver version 1.5.x suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the set_pwd endpoint that enables them to overwrite the password of any user within the system. This grants unauthorized and administrative access to protected areas of the application compromising the device's system security.
83741fb5f4f7b681078f0f0aabdad5e51a82d40ac4c86d1cf8609032649927cbElber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the set_pwd endpoint that enables them to overwrite the password of any user within the system. This grants unauthorized and administrative access to protected areas of the application compromising the device's system security.
c2417b5039d600504ceb0e6c879a84ed9fa871b7b6f5e5cc38ae49fcdd200170Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the set_pwd endpoint that enables them to overwrite the password of any user within the system. This grants unauthorized and administrative access to protected areas of the application compromising the device's system security.
055664930200e432744c2fe93d040213de69b2cc7bd67a68df70afa259bd9b24Elber Signum DVB-S/S2 IRD for Radio Networks version 1.999 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the set_pwd endpoint that enables them to overwrite the password of any user within the system. This grants unauthorized and administrative access to protected areas of the application compromising the device's system security.
9ceffe5b49bd3badfd5ead7c79b69103e029d8dd57cc256606f884dc51678833Online Fire Reporting System version 1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
9342b7d21282ed54ce4702c6cda7276732332887ecb951f160125d0470ad7553Tramyardg Autoexpress version 1.3.0 allows for authentication bypass via unauthenticated API access to admin functionality. This could allow a remote anonymous attacker to delete or update vehicles as well as upload images for vehicles.
a6b19ec46406ffd95a91f57125dc469d0979113c3d6a82b162a1b682d2ed2ecaFinancials by Coda versions prior to 2023Q4 suffer from an incorrect access control authorization bypass vulnerability. The Change Password feature can be abused in order to modify the password of any user of the application.
b902e8c8533e18988a3d9cf1a301f95fdca312dbda532a060668f36b710b0b68
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed