Advisory Week


Week 50, 2024
National Cyber Awareness System
 
Fortinet Releases Security Updates for FortiManager
CISA Releases Eight Industrial Control Systems Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Releases Best Practice Guidance for Mobile Communications
CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA Releases Five Industrial Control Systems Advisories
CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services
CISA Requests Public Comment for Draft National Cyber Incident Response Plan Update
CISA Adds Two Known Exploited Vulnerabilities to Catalog
Ubuntu Security Notices
 
Linux kernel vulnerabilities: USN-7179-1 / USN-7173-2 / USN-7159-3 / USN-7173-1 / USN-7169-1 / USN-7167-1 / USN-7166-1
Linux kernel (HWE) vulnerabilities: USN-7166-3
Linux kernel (IoT) vulnerabilities: USN-7159-4
DPDK vulnerability: USN-7178-1
LSN-0108-1: Kernel Live Patch Security Notice
YARA vulnerability: USN-7177-1
Linux kernel (GCP) vulnerabilities: USN-7169-2
libvpx vulnerability: USN-7172-1
GStreamer Good Plugins vulnerabilities: USN-7176-1
GStreamer Base Plugins vulnerabilities: USN-7175-1
GStreamer vulnerability: USN-7174-1
PHPUnit vulnerability: USN-7171-1
EditorConfig vulnerabilities: USN-7168-1
Linux kernel (AWS) vulnerabilities: USN-7166-2 / USN-7159-2
Linux kernel (OEM) vulnerabilities: USN-7170-1
ImageMagick vulnerability: USN-7164-1
Linux kernel vulnerability: USN-7163-1
Docker vulnerabilities: USN-7161-1
curl vulnerability: USN-7162-1
Mpmath vulnerability: USN-7160-1
Red Hat Security Advisory
 
Moderate: Satellite 6.16.1 Async Update: RHSA-2024:11574
Important: Red Hat JBoss Enterprise Application Platform 8.0.5 Security update: RHSA-2024:11570 / RHSA-2024:11560 / RHSA-2024:11559
Important: Red Hat JBoss Enterprise Application Platform 7.4 security update: RHSA-2024:11531 / RHSA-2024:11529
Moderate: kernel security update: RHSA-2024:11482 / RHSA-2024:11313
Low: OpenShift Container Platform 4.14.43 security update: RHSA-2024:11031
Moderate: Red Hat Advanced Cluster Management 2.11.4 security enhancements and bug fixes: RHSA-2024:11381
Important: gstreamer1-plugins-good security update: RHSA-2024:11348 / RHSA-2024:11346 / RHSA-2024:11299 / RHSA-2024:11298 / RHSA-2024:11149 / RHSA-2024:11148 / RHSA-2024:11122 / RHSA-2024:11121 / RHSA-2024:11119
Important: gstreamer1-plugins-base security update: RHSA-2024:11345 / RHSA-2024:11143 / RHSA-2024:11142 / RHSA-2024:11141 / RHSA-2024:11130 / RHSA-2024:11123 / RHSA-2024:11120 / RHSA-2024:11118 / RHSA-2024:11117
Important: gstreamer1-plugins-base and gstreamer1-plugins-good security update: RHSA-2024:11344
Moderate: Multicluster Engine for Kubernetes 2.6.4 security enhancements and bug fixes: RHSA-2024:11293
Low: Red Hat OpenShift Data Foundation 4.16.4 security and bug fix update: RHSA-2024:11292
Moderate: pam security update: RHSA-2024:11250
Moderate: mpg123:1.32.9 security update: RHSA-2024:11242
Moderate: python3.11-urllib3 security update: RHSA-2024:11238 / RHSA-2024:11189
Moderate: libsndfile:1.0.31 security update: RHSA-2024:11237
Moderate: unbound:1.16.2 security update: RHSA-2024:11232
Moderate: edk2:20240524 security update: RHSA-2024:11219
Important: skopeo security update: RHSA-2024:11217
Moderate: containernetworking-plugins security update: RHSA-2024:11216
Moderate: mpg123 security update: RHSA-2024:11193
Moderate: expat security update: RHSA-2024:11200
Moderate: edk2 security update: RHSA-2024:11194
Moderate: libsndfile security update: RHSA-2024:11192 / RHSA-2024:11172
Moderate: edk2:20220126gitbb1bba3d77 security update: RHSA-2024:11185
Moderate: unbound security update: RHSA-2024:11170
Moderate: tuned security update: RHSA-2024:11161
Moderate: bluez security update: RHSA-2024:11154
Important: Red Hat Ansible Automation Platform 2.5 Container Release Update: RHSA-2024:11146
Moderate: Red Hat Ansible Automation Platform 2.5 Product Security and Bug Fix Update: RHSA-2024:11145
Important: Red Hat Ansible Automation Platform 2.4 Container Release Update: RHSA-2024:11144
Moderate: python3.11 security update: RHSA-2024:11111
Low: Updated service-interconnect rhel9 container images for 1.5: RHSA-2024:11109
Important: python36:3.6 security update: RHSA-2024:11094 / RHSA-2024:11093 / RHSA-2024:11091
Important: squid security update: RHSA-2024:11049
Important: python-virtualenv security update: RHSA-2024:11048
Microsoft Security
 
Microsoft December 2024 Security Update Guide
Chromium: CVE-2024-12693 Out of bounds memory access in V8
Chromium: CVE-2024-12694 Use after free in Compositing
Chromium: CVE-2024-12695 Out of bounds write in V8
Chromium: CVE-2024-12692 Type Confusion in V8
GitHub Security Advisories
 
[GHSA-cvv5-9h9w-qp2m] Systeminformation has command injection vulnerability in getWindowsIEEE8021x (SSID)
[GHSA-2qgm-m29m-cj2h] uptime-kuma vulnerable to Local File Inclusion (LFI) via Improper URL Handling in `Real-Browser` monitor
[GHSA-3q97-vjpp-c8rp] Socialstream has a Potential Account Takeover Vulnerability in Social Account Linking Due to Missing User Consent After OAuth Callback
[GHSA-5pf6-cq2v-23ww] WhoDB Allows Unbounded Memory Consumption in Authentication Middleware Can Lead to Denial of Service
[GHSA-47h8-jmp3-9f28] pyrage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution
[GHSA-49w6-73cw-chjr] Astro's server source code is exposed to the public if sourcemaps are enabled
[GHSA-2p6p-9rc9-62j9] Craft CMS has potential RCE when PHP `register_argc_argv` config setting is enabled
[GHSA-32gq-x56h-299c] age vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution
[GHSA-4fg7-vxc8-qx5w] rage vulnerable to malicious plugin names, recipients, or identities causing arbitrary binary execution
[GHSA-hvm9-wc8j-mgrc] TShock Security Escalation Exploit
[GHSA-2ff4-xfpr-m32r] `Slip10Like` derivation method instantiated with certain curves may allow attacker to find derivation path which results into very long derivation (possible DoS)
[GHSA-m56h-5xx3-2jc2] Prototype pollution in jsii.configureCategories
[GHSA-c4pw-33h3-35xw] Atro CSRF Middleware Bypass (security.checkOrigin)
[GHSA-m9hc-vxjj-4x6q] PGHoard Path Traversal vulnerability
[GHSA-hxr6-2p24-hf98] Traefik affected by CVE-2024-53259
[GHSA-7gfc-8cq8-jh5f] Next.js authorization bypass vulnerability
[GHSA-6pfc-w86r-54q6] Welcome and About GeoServer pages communicate version and revision information
[GHSA-8wcc-m6j2-qxvm] ASA-2024-0012, ASA-2024-0013: CosmosSDK: Transaction decoding may result in a stack overflow or resource exhaustion
[GHSA-27vq-hv74-7cqp] SurrealDB has Silent Failure to Overwrite Table Definition of Relation Type
[GHSA-cwq8-g58r-32hg] MinIO vulnerable to privilege escalation in IAM import API
CISA Known Exploited Vulnerabilities
 
Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability CVE-2024-35250
Adobe ColdFusion Improper Access Control Vulnerability CVE-2024-20767
Cleo Multiple Products Unauthenticated File Upload Vulnerability CVE-2024-55956
Reolink RLC-410W IP Camera OS Command Injection Vulnerability CVE-2021-40407
Reolink Multiple IP Cameras OS Command Injection Vulnerability CVE-2019-11001
NUUO NVRmini 2 Devices Missing Authentication Vulnerability CVE-2022-23227
NUUO NVRmini Devices OS Command Injection Vulnerability CVE-2018-14933
BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability CVE-2024-12356

The Known Exploited Vulnerabilities catalog contains vulnerabilities with evidence of active exploitation; they are not necessarily new or recently discovered. The entries listed here were added to the catalog in the past week.

We're thrilled to announce the launch of AdvisoryDaily, a once-a-day version of this newsletter.
