Advisory Week


Week 45, 2024
National Cyber Awareness System
 
CISA Releases Nineteen Industrial Control Systems Advisories
CISA Adds Two Known Exploited Vulnerabilities to Catalog
Palo Alto Networks Emphasizes Hardening Guidance
Fortinet Releases Security Updates for Multiple Products
Microsoft Releases November 2024 Security Updates
Adobe Releases Security Updates for Multiple Products
Ivanti Releases Security Updates for Multiple Products
JCDC’s Collaborative Efforts Enhance Cybersecurity for the 2024 Olympic and Paralympic Games
Citrix Releases Security Updates for NetScaler and Citrix Session Recording
CISA Releases Five Industrial Control Systems Advisories
CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities
CISA Adds Five Known Exploited Vulnerabilities to Catalog
Adobe Security Bulletins and Advisories
 
Security updates available for Adobe Photoshop | APSB24-89
Security Updates Available for Adobe Commerce | APSB24-90
Security Updates Available for Adobe Illustrator | APSB24-66 APSB24-87
Security Update Available for Adobe InDesign | APSB24-88
Security Updates Available for Adobe Bridge | APSB24-77
Security Updates Available for Adobe Audition | APSB24-83
Mozilla Security Advisories
 
Security Vulnerabilities fixed in Thunderbird 132.0.1 mfsa2024-62
Security Vulnerabilities fixed in Thunderbird 128.4.3 mfsa2024-61
Ubuntu Security Notices
 
Linux kernel vulnerabilities: USN-7089-6 / USN-7088-5 / USN-7089-5 / USN-7110-1 / USN-7089-4 / USN-7100-2 / USN-7100-1
GD Graphics Library vulnerability: USN-7112-1
Go vulnerabilities: USN-7111-1 / USN-7109-1
Linux kernel vulnerability: USN-7071-2
PHP vulnerabilities: USN-7049-2
zlib vulnerability: USN-7107-1
.NET vulnerabilities: USN-7105-1
Ghostscript vulnerabilities: USN-7103-1
MySQL vulnerabilities: USN-7102-1
Pydantic vulnerability: USN-7101-1
OpenJDK 17 vulnerabilities: USN-7098-1
OpenJDK 11 vulnerabilities: USN-7097-1
OpenJDK 8 vulnerabilities: USN-7096-1
OpenJDK 21 vulnerabilities: USN-7099-1
Red Hat Security Advisory
 
Critical: Red Hat Build of Apache Camel 4.4.4 for Spring Boot security update: RHSA-2024:9806
Important: squid security update: RHSA-2024:9738 / RHSA-2024:9729 / RHSA-2024:9678 / RHSA-2024:9677 / RHSA-2024:9625
Important: tigervnc security update: RHSA-2024:9690 / RHSA-2024:9601 / RHSA-2024:9579 / RHSA-2024:9540
Low: binutils security update: RHSA-2024:9689
Important: webkit2gtk3 security update: RHSA-2024:9680 / RHSA-2024:9679 / RHSA-2024:9653 / RHSA-2024:9646 / RHSA-2024:9638 / RHSA-2024:9637 / RHSA-2024:9636 / RHSA-2024:9553 / RHSA-2024:9144
Important: libsoup security update: RHSA-2024:9654 / RHSA-2024:9576 / RHSA-2024:9573 / RHSA-2024:9572 / RHSA-2024:9570 / RHSA-2024:9566 / RHSA-2024:9559 / RHSA-2024:9525 / RHSA-2024:9524 / RHSA-2024:9501
Important: squid:4 security update: RHSA-2024:9644 / RHSA-2024:9624
Important: Red Hat OpenShift Service Mesh Containers for 2.5.6: RHSA-2024:9629
Moderate: Red Hat OpenShift Service Mesh Containers for 2.6.3: RHSA-2024:9627
Moderate: kernel security update: RHSA-2024:9605 / RHSA-2024:9546 / RHSA-2024:9500 / RHSA-2024:9497
Important: OpenShift Container Platform 4.15.38 packages and security update: RHSA-2024:8994
Important: OpenShift Container Platform 4.15.38 bug fix and security update: RHSA-2024:8991
Important: ACS 4.4 enhancement update: RHSA-2024:9583
Moderate: Streams for Apache Kafka 2.8.0 release and security update: RHSA-2024:9571
Important: NetworkManager-libreswan security update: RHSA-2024:9556 / RHSA-2024:9555
Important: firefox security update: RHSA-2024:9554
Important: thunderbird security update: RHSA-2024:9552
Moderate: grafana-pcp security update: RHSA-2024:9551
Important: openexr security update: RHSA-2024:9548
Important: krb5 security update: RHSA-2024:9547 / RHSA-2024:9474
Moderate: webkit2gtk3 security update: RHSA-2024:9545
Important: .NET 9.0 security update: RHSA-2024:9543
Moderate: expat security update: RHSA-2024:9541 / RHSA-2024:9502
Important: Control plane Operators for RHOSO 18.0.3 (Feature Release 1) security update: RHSA-2024:9485
Moderate: Red Hat OpenStack Platform 18.0.3 (python-django) security update: RHSA-2024:9481
Important: OpenShift Container Platform 4.17.4 packages and security update: RHSA-2024:8984
Important: OpenShift Container Platform 4.17.4 bug fix and security update: RHSA-2024:8981
Moderate: kernel-rt security update: RHSA-2024:9498
Important: grafana security update: RHSA-2024:9473
Low: cups security update: RHSA-2024:9470
Important: grafana-pcp security update: RHSA-2024:9472
Moderate: python3.9 security update: RHSA-2024:9468 / RHSA-2024:9371
Moderate: python3.12-urllib3 security update: RHSA-2024:9457
Important: buildah security update: RHSA-2024:9459
Moderate: python3.11-urllib3 security update: RHSA-2024:9458
Important: osbuild-composer security update: RHSA-2024:9456
Important: podman security update: RHSA-2024:9454 / RHSA-2024:9051
Moderate: pcp security update: RHSA-2024:9452
Moderate: python3.12 security update: RHSA-2024:9451 / RHSA-2024:9190
Important: bubblewrap and flatpak security update: RHSA-2024:9449
Moderate: python3.11 security update: RHSA-2024:9450 / RHSA-2024:9192
Moderate: mingw-glib2 security update: RHSA-2024:9442
Moderate: fontforge security update: RHSA-2024:9439
Low: nano security update: RHSA-2024:9430
Low: tpm2-tools security update: RHSA-2024:9424
Moderate: python-dns security update: RHSA-2024:9423
Moderate: bluez security update: RHSA-2024:9413
Low: vim security update: RHSA-2024:9405
Moderate: libgcrypt security update: RHSA-2024:9404
Moderate: microcode_ctl security update: RHSA-2024:9401
Low: openssl and openssl-fips-provider security update: RHSA-2024:9333
Moderate: krb5 security update: RHSA-2024:9331
Low: cockpit security update: RHSA-2024:9325
Low: NetworkManager security update: RHSA-2024:9317
Moderate: httpd security update: RHSA-2024:9306
Moderate: emacs security update: RHSA-2024:9302
Moderate: python-jwcrypto security update: RHSA-2024:9281
Moderate: oci-seccomp-bpf-hook security update: RHSA-2024:9277
Moderate: postfix security update: RHSA-2024:9243
Moderate: runc security update: RHSA-2024:9200
Moderate: cyrus-imapd security update: RHSA-2024:9195
Moderate: python3.11-PyMySQL security update: RHSA-2024:9194
Moderate: python3.12-PyMySQL security update: RHSA-2024:9193
Low: bcc security update: RHSA-2024:9187
Low: bpftrace security update: RHSA-2024:9188
Moderate: gtk3 security update: RHSA-2024:9184
Moderate: iperf3 security update: RHSA-2024:9185
Moderate: jose security update: RHSA-2024:9181
Moderate: mod_auth_openidc security update: RHSA-2024:9180
Moderate: poppler security update: RHSA-2024:9167
Moderate: lldpd security update: RHSA-2024:9158
Moderate: python-jinja2 security update: RHSA-2024:9150
Moderate: toolbox security update: RHSA-2024:9135
Moderate: qemu-kvm security update: RHSA-2024:9136
Moderate: libvirt security update: RHSA-2024:9128
Moderate: xorg-x11-server security update: RHSA-2024:9122
Moderate: grafana security update: RHSA-2024:9115
Moderate: gnome-shell and gnome-shell-extensions security update: RHSA-2024:9114
Moderate: podman security update: RHSA-2024:9102
Moderate: skopeo security update: RHSA-2024:9098
Moderate: buildah security update: RHSA-2024:9097
Moderate: freerdp security update: RHSA-2024:9092
Moderate: xorg-x11-server-Xwayland security update: RHSA-2024:9093
Moderate: containernetworking-plugins security update: RHSA-2024:9089
Moderate: edk2 security update: RHSA-2024:9088
Moderate: gstreamer1-plugins-base security update: RHSA-2024:9056
Microsoft Security
 
Microsoft November 2024 Security Update Guide
CVE-2024-49060 Azure Stack HCI Elevation of Privilege Vulnerability
Chromium: CVE-2024-11114 Inappropriate implementation in Views
Chromium: CVE-2024-11117 Inappropriate implementation in FileSystem
Chromium: CVE-2024-11115 Insufficient policy enforcement in Navigation
Chromium: CVE-2024-11112 Use after free in Media
Chromium: CVE-2024-11116 Inappropriate implementation in Paint
Chromium: CVE-2024-11113 Use after free in Accessibility
CVE-2024-49025 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Chromium: CVE-2024-11111 Inappropriate implementation in Autofill
Chromium: CVE-2024-11110 Inappropriate implementation in Blink
CVE-2024-43499 .NET and Visual Studio Denial of Service Vulnerability
ADV240001 Microsoft SharePoint Server Defense in Depth Update
CVE-2024-43498 .NET and Visual Studio Remote Code Execution Vulnerability
CVE-2024-49051 Microsoft PC Manager Elevation of Privilege Vulnerability
CVE-2024-49048 TorchGeo Remote Code Execution Vulnerability
CVE-2024-49050 Visual Studio Code Python Extension Remote Code Execution Vulnerability
CVE-2024-49033 Microsoft Word Security Feature Bypass Vulnerability
CVE-2024-49039 Windows Task Scheduler Elevation of Privilege Vulnerability
CVE-2024-49031 Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2024-49032 Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2024-49029 Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49030 Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49027 Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49028 Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49021 Microsoft SQL Server Remote Code Execution Vulnerability
CVE-2024-49026 Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49018 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49019 Active Directory Certificate Services Elevation of Privilege Vulnerability
CVE-2024-49016 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49017 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49015 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49013 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49014 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49011 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49012 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49010 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49006 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49008 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49009 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49005 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49007 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49003 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49004 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49001 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49002 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-48999 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-49000 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-48997 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-48998 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-38203 Windows Package Library Manager Information Disclosure Vulnerability
CVE-2024-48993 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-43641 Windows Registry Elevation of Privilege Vulnerability
CVE-2024-43642 Windows SMB Denial of Service Vulnerability
CVE-2024-43639 Windows Kerberos Remote Code Execution Vulnerability
CVE-2024-43640 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-43635 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43636 Win32k Elevation of Privilege Vulnerability
CVE-2024-43629 Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2024-43633 Windows Hyper-V Denial of Service Vulnerability
CVE-2024-43622 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43624 Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability
CVE-2024-43620 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43621 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43598 LightGBM Remote Code Execution Vulnerability
CVE-2024-43613 Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability
CVE-2024-49046 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-49049 Visual Studio Code Remote Extension Elevation of Privilege Vulnerability
CVE-2024-49056 Airlift.microsoft.com Elevation of Privilege Vulnerability
CVE-2024-49043 Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability
CVE-2024-49044 Visual Studio Elevation of Privilege Vulnerability
CVE-2024-49040 Microsoft Exchange Server Spoofing Vulnerability
CVE-2024-49042 Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability
CVE-2024-5535 OpenSSL: CVE-2024-5535 SSL_select_next_proto buffer overread
CVE-2024-48995 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-48996 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-43462 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-48994 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-43459 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-38255 SQL Server Native Client Remote Code Execution Vulnerability
CVE-2024-38264 Microsoft Virtual Hard Disk (VHDX) Denial of Service Vulnerability
CVE-2024-43451 NTLM Hash Disclosure Spoofing Vulnerability
CVE-2024-43452 Windows Registry Elevation of Privilege Vulnerability
CVE-2024-43450 Windows DNS Spoofing Vulnerability
CVE-2024-43447 Windows SMBv3 Server Remote Code Execution Vulnerability
CVE-2024-43449 Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43645 Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability
CVE-2024-43646 Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43643 Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43644 Windows Client-Side Caching Elevation of Privilege Vulnerability
CVE-2024-43634 Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43637 Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43638 Windows USB Video Class System Driver Elevation of Privilege Vulnerability
CVE-2024-43631 Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43628 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43630 Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43626 Windows Telephony Service Elevation of Privilege Vulnerability
CVE-2024-43627 Windows Telephony Service Remote Code Execution Vulnerability
CVE-2024-43623 Windows NT OS Kernel Elevation of Privilege Vulnerability
CVE-2024-43625 Microsoft Windows VMSwitch Elevation of Privilege Vulnerability
CVE-2024-43602 Azure CycleCloud Remote Code Execution Vulnerability
CVE-2024-43530 Windows Update Stack Elevation of Privilege Vulnerability
Google Security Advisories
 
Android Security Bulletin November 2024 | Android Open Source Project
Jenkins Security Advisories
 
Jenkins Security Advisory 2024-11-13
GitHub Security Advisories
 
[GHSA-8fh4-942r-jf2g] LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/services.inc.php
[GHSA-7q7g-4xm8-89cq] Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit
[GHSA-x645-6pf9-xwxw] LibreNMS has an Authenticated OS Command Injection
[GHSA-gv4m-f6fx-859x] LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php
[GHSA-28p7-f6h6-3jh3] LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/html/pages/wireless.inc.php
[GHSA-p66q-ppwr-q5j8] LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php
[GHSA-7663-37rg-c377] LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php
[GHSA-4m5r-w2rq-q54q] LibreNMS has a Persistent XSS from Insecure Input Sanitization Affects Multiple Endpoints
[GHSA-qr8f-5qqg-j3wg] LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/overview/services.inc.php
[GHSA-v7w9-63xh-6r3w] LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/functions.php
[GHSA-xh4g-c9p6-5jxg] LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php
[GHSA-rmr4-x6c9-jc68] LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/device/capture.inc.php
[GHSA-888j-pjqh-fx58] Stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/edituser.inc.php
[GHSA-c86q-rj37-8f85] LibreNMS has a stored XSS in ExamplePlugin with Device's Notes
[GHSA-gfwr-xqmj-j27v] LibreNMS has a stored XSS ('Cross-site Scripting') in librenms/includes/html/pages/api-access.inc.php
[GHSA-pjwm-cr36-mwv3] ReDoS in giskard's transformation.py (GHSL-2024-324)
[GHSA-j3px-q95c-9683] zlib-rs stack overflow during decompression with malicious input
[GHSA-p2h2-3vg9-4p87] Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer
[GHSA-hff8-hjwv-j9q7] Remote Code Execution on click of Link in markdown preview
[GHSA-rp9h-rf7g-hwgr] s2n-tls has undefined behavior at process exit
[GHSA-8237-957h-h2c2] FileManager Deserialization of Untrusted Data vulnerability
[GHSA-cgr4-c233-h733] UnoPim Stored XSS : Cookie hijacking through Create User function
[GHSA-cg23-qf8f-62rr] Symphony has an Authentication Bypass via RememberMe
[GHSA-j4h6-gcj7-7v9v] decidim-meetings Cross-site scripting vulnerability in the online or hybrid meeting embeds
[GHSA-f3cw-hg6r-chfv] Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI
[GHSA-cw6g-qmjq-6w2w] Craft CMS Arbitrary System File Read
[GHSA-jrh5-vhr9-qh7q] Local File System Validation Bypass Leading to File Overwrite, Sensitive File Access, and Potential Code Execution
[GHSA-v7vf-f5q6-m899] .NET Remote Code Execution Vulnerability
[GHSA-6x36-qxmj-rv4p] .NET Denial of Service Vulnerability
[GHSA-gv7v-rgg6-548h] Laravel environment manipulation via query string
[GHSA-7hpf-g48v-hw3j] Zoraxy has an authenticated command injection in the Web SSH feature
[GHSA-cm46-gqf4-mv4f] Orchid Platform has Method Exposure Vulnerability in Modals
[GHSA-xvg8-m4x3-w6xr] matrix-js-sdk has insufficient MXC URI validation which allows client-side path traversal
[GHSA-xq3w-v528-46rv] Denial of Service attack on windows app using netty
[GHSA-cxwf-qc32-375f] Decidim-Awesome has SQL injection in AdminAccountability
Spring Security Advisories
 
CVE-2024-38828 - Medium - CVE-2024-38828: DoS via Spring MVC controller method with byte[] parameter
CISA Known Exploited Vulnerabilities
 
Atlassian Jira Server and Data Center Path Traversal Vulnerability CVE-2021-26086
Cisco Adaptive Security Appliance (ASA) Cross-Site Scripting (XSS) Vulnerability CVE-2014-2120
Metabase GeoJSON API Local File Inclusion Vulnerability CVE-2021-41277
Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability CVE-2024-43451
Microsoft Windows Task Scheduler Privilege Escalation Vulnerability CVE-2024-49039
Palo Alto Networks Expedition SQL Injection Vulnerability CVE-2024-9465
Palo Alto Networks Expedition OS Command Injection Vulnerability CVE-2024-9463

The Known Exploited Vulnerabilities list contains vulnerabilities that are known to be actively exploited. They are not necessarily new or recently discovered. The vulnerabilities listed here were added to the catalog in the past week.