Advisory Week


Week 49, 2024
Apple Security Advisory
 
Safari 18.2 - Apple Security Content
iOS 18.2 and iPadOS 18.2 - Apple Security Content
iPadOS 17.7.3 - Apple Security Content
macOS Sequoia 15.2 - Apple Security Content
macOS Sonoma 14.7.2 - Apple Security Content
macOS Ventura 13.7.2 - Apple Security Content
watchOS 11.2 - Apple Security Content
tvOS 18.2 - Apple Security Content
visionOS 2.2 - Apple Security Content
National Cyber Awareness System
 
CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector
CISA Adds One Known Exploited Vulnerability to Catalog
CISA Releases Ten Industrial Control Systems Advisories
Apple Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products
CISA Releases Seven Industrial Control Systems Advisories
CISA Adds One Known Exploited Vulnerability to Catalog
Microsoft Releases December 2024 Security Updates
Ivanti Releases Security Updates for Multiple Products
Adobe Security Bulletins and Advisories
 
Security updates available for Adobe Photoshop | APSB24-101
Security Updates Available for Adobe Illustrator | APSB24-94
Security updates available for Adobe Experience Manager | APSB24-69
Prenotification Security Advisory for Adobe Acrobat and Reader | APSB24-92
Security Updates Available for Adobe Media Encoder | APSB24-93
Security updates available for Adobe Animate | APSB24-96
Security Update Available for Adobe InDesign | APSB24-97
Security update available for Adobe DNG Software Development Kit (SDK) | APSB24-98
Security updates available for Adobe Connect | APSB24-99
Security updates available for Adobe Substance3D - Sampler | APSB24-100
Security updates available for Adobe Substance3D - Modeler | APSB24-102
Security Updates Available for Adobe Bridge | APSB24-103
Security Updates Available for Adobe Framemaker | APSB24-106
Mozilla Security Advisories
 
Security Vulnerabilities fixed in Thunderbird 115.18 mfsa2024-70
Security Vulnerabilities fixed in Thunderbird 128.5.2 mfsa2024-69
Ubuntu Security Notices
 
PHP regression: USN-7157-2
PHP vulnerabilities: USN-7157-1
Smarty vulnerabilities: USN-7158-1
Linux kernel vulnerabilities: USN-7159-1 / USN-7154-1 / USN-7148-1
Linux kernel (GKE) vulnerabilities: USN-7156-1
Linux kernel (NVIDIA) vulnerabilities: USN-7155-1
PHP vulnerability: USN-7153-1
AsyncSSH vulnerabilities: USN-7108-2
oFono vulnerabilities: USN-7151-1 / USN-7141-1
Tornado vulnerabilities: USN-7150-1
Intel Microcode vulnerabilities: USN-7149-1
Apache Shiro vulnerabilities: USN-7147-1
Dogtag PKI vulnerabilities: USN-7146-1
Expat vulnerability: USN-7145-1
Linux kernel (Intel IoTG) vulnerabilities: USN-7144-1
RabbitMQ Server vulnerabilities: USN-7143-1
WebKitGTK vulnerabilities: USN-7142-1
Tinyproxy vulnerability: USN-7140-1
Red Hat Security Advisory
 
Important: python3.12 security update: RHSA-2024:11035 / RHSA-2024:10980 / RHSA-2024:10978
Important: ruby:2.5 security update: RHSA-2024:11029 / RHSA-2024:11028 / RHSA-2024:11027 / RHSA-2024:11001
Moderate: python3.9:3.9.18 security update: RHSA-2024:11024
Important: HawtIO 4.1.0 for Red Hat build of Apache Camel 4 Release and security update: RHSA-2024:11023
Important: unbound security update: RHSA-2024:11003
Moderate: pcs security update: RHSA-2024:10987
Low: Red Hat OpenShift Data Foundation 4.17.1 Bug Fix Update: RHSA-2024:10986
Important: ruby:3.1 security update: RHSA-2024:10984 / RHSA-2024:10982 / RHSA-2024:10966
Moderate: python3.9:3.9.21 security update: RHSA-2024:10983
Moderate: python3.11 security update: RHSA-2024:10979
Important: ruby security update: RHSA-2024:10977 / RHSA-2024:10964 / RHSA-2024:10961
Important: OpenShift Container Platform 4.13.54 packages and security update: RHSA-2024:10815
Important: OpenShift Container Platform 4.15.40 security update: RHSA-2024:10841
Important: OpenShift Container Platform 4.13.54 bug fix and security update: RHSA-2024:10813
Low: OpenShift Container Platform 4.15.40 bug fix and security update: RHSA-2024:10839
Moderate: OpenShift Container Platform 4.16.26 bug fix and security update: RHSA-2024:10823
Moderate: python3.11-cryptography security update: RHSA-2024:10965
Important: Updated 8.0 container image is now available in the Red Hat Ecosystem Catalog: RHSA-2024:10957
Important: Red Hat Ceph Storage 8.0 security update: RHSA-2024:10956
Important: python36:3.6 security update: RHSA-2024:10953
Moderate: php:7.4 security update: RHSA-2024:10952
Moderate: php:8.2 security update: RHSA-2024:10951 / RHSA-2024:10949
Moderate: php:8.1 security update: RHSA-2024:10950
Important: OpenShift Container Platform 4.17.8 security update: RHSA-2024:10818
Low: kernel-rt security update: RHSA-2024:10946
Low: kernel security update: RHSA-2024:10945
Moderate: kernel-rt security update: RHSA-2024:10944
Moderate: kernel security update: RHSA-2024:10943 / RHSA-2024:10941 / RHSA-2024:10939
Moderate: kernel:5.14.0 security update: RHSA-2024:10942
Moderate: Red Hat JBoss Enterprise Application Platform 7.4.20 Security update: RHSA-2024:10933 / RHSA-2024:10929 / RHSA-2024:10928 / RHSA-2024:10927
Moderate: java-1.8.0-ibm security update: RHSA-2024:10926
Moderate: Red Hat OpenShift Service Mesh Containers for 2.5.7: RHSA-2024:10908
Low: Red Hat OpenShift Service Mesh Containers for 2.4.13: RHSA-2024:10907
Important: Migration Toolkit for Containers (MTC) 1.8.5 security and bug fix update: RHSA-2024:10906
Important: Red Hat OpenStack Platform 16.2 (osp-director-operator) security update: RHSA-2024:10883
Important: postgresql security update: RHSA-2024:10882
Important: firefox security update: RHSA-2024:10881 / RHSA-2024:10880
Important: postgresql:13 security update: RHSA-2024:10879
Atlassian Security Advisories
 
Security Bulletin - December 10 2024
Microsoft Security
 
Microsoft December 2024 Security Update Guide
Chromium: CVE-2024-12382 Use after free in Translate
Chromium: CVE-2024-12381 Type Confusion in V8
CVE-2024-49147 Microsoft Update Catalog Elevation of Privilege Vulnerability
CVE-2024-49071 Windows Defender Information Disclosure Vulnerability
CVE-2024-49105 Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-49138 Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-49127 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2024-49128 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49114 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2024-49116 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49118 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-49112 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2024-49113 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2024-49109 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49110 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49088 Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-49090 Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-49095 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
CVE-2024-49082 Windows File Explorer Information Disclosure Vulnerability
CVE-2024-49083 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49080 Windows IP Routing Management Snapin Remote Code Execution Vulnerability
CVE-2024-49081 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49077 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49078 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49079 Input Method Editor (IME) Remote Code Execution Vulnerability
CVE-2024-49072 Windows Task Scheduler Elevation of Privilege Vulnerability
CVE-2024-49075 Windows Remote Desktop Services Denial of Service Vulnerability
CVE-2024-49076 Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
CVE-2024-49063 Microsoft/Muzic Remote Code Execution Vulnerability
CVE-2024-49065 Microsoft Office Remote Code Execution Vulnerability
CVE-2024-49142 Microsoft Access Remote Code Execution Vulnerability
ADV240002 Microsoft Office Defense in Depth Update
CVE-2024-43600 Microsoft Office Elevation of Privilege Vulnerability
CVE-2024-49062 Microsoft SharePoint Information Disclosure Vulnerability
CVE-2024-49129 Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
CVE-2024-49132 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49125 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49126 Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability
CVE-2024-49122 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-49123 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49124 Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability
CVE-2024-49120 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49121 Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2024-49115 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49117 Windows Hyper-V Remote Code Execution Vulnerability
CVE-2024-49119 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49108 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49111 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49104 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49106 Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2024-49107 WmsRepair Service Elevation of Privilege Vulnerability
CVE-2024-49102 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49103 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
CVE-2024-49099 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
CVE-2024-49101 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49096 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2024-49097 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
CVE-2024-49098 Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability
CVE-2024-49093 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2024-49094 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
CVE-2024-49091 Windows Domain Name Service Remote Code Execution Vulnerability
CVE-2024-49092 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49089 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49085 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49086 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
CVE-2024-49087 Windows Mobile Broadband Driver Information Disclosure Vulnerability
CVE-2024-49074 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-49084 Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-49070 Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2024-49073 Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
CVE-2024-49068 Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2024-49069 Microsoft Excel Remote Code Execution Vulnerability
CVE-2024-49059 Microsoft Office Elevation of Privilege Vulnerability
CVE-2024-49064 Microsoft SharePoint Information Disclosure Vulnerability
CVE-2024-43594 System Center Operations Manager Elevation of Privilege Vulnerability
CVE-2024-49057 Microsoft Defender for Endpoint on Android Spoofing Vulnerability
Google Security Advisories
 
Chrome Releases: Stable Channel Update for Desktop
Amazon AWS Security Advisories
 
Issue with DynamoDB local - CVE-2022-1471
Github Security Advisories
 
[GHSA-832w-fhmw-w4f4] D-Tale allows Remote Code Execution through the Custom Filter Input
[GHSA-m3r7-8gw7-qwvc] thorsten/phpmyfaq Unintended File Download Triggered by Embedded Frames
[GHSA-w9j7-phm3-f97j] Ucum-java has an XXE vulnerability in XML parsing
[GHSA-8vwh-pr89-4mw2] Laravel Pulse Allows Remote Code Execution via Unprotected Query Method
[GHSA-j2pq-22jj-4pm5] XWiki allows remote code execution through the extension sheet
[GHSA-x6mh-rjwm-8ph7] Cross-site Scripting vulnerability in SimpleXLSXEx::readXfs and SimpeXLSX::toHTMLEx
[GHSA-9j3m-fr7q-jxfw] Beego has Collision Hazards of MD5 in Cache Key Filenames
[GHSA-wh34-m772-5398] XWiki Platform has an SQL injection in getdocuments.vm with sort parameter
[GHSA-7mj5-hjjj-8rgw] http4k has a potential XXE (XML External Entity Injection) vulnerability
[GHSA-cwq6-mjmx-47p6] XWiki's scheduler in subwiki allows scheduling operations for any main wiki user
[GHSA-2r87-74cx-2p7c] XWiki allows remote code execution from account through macro descriptions and XWiki.XWikiSyntaxMacrosList
[GHSA-r279-47wg-chpr] XWiki allows RCE from script right in configurable sections
[GHSA-7prj-hgx4-2xc3] Potential Vulnerabilities Due to Outdated golang.org/x/crypto Dependency in NanoProxy
[GHSA-753p-wrj5-g8fj] PQClean has a correctness error in HQC decapsulation
[GHSA-xx68-37v4-4596] SiYuan has an arbitrary file read via /api/template/render
[GHSA-25w9-wqfq-gwqx] SiYuan has an arbitrary file read and path traversal via /api/export/exportResources
[GHSA-fqj6-whhx-47p7] SiYuan has an arbitrary file write in the host via /api/asset/upload
[GHSA-4pjc-pwgq-q9jp] SiYuan has an SSTI via /api/template/renderSprig
[GHSA-c7xh-gjv4-4jgv] kcp's impersonation allows access to global administrative groups
[GHSA-hhfg-fwrw-87w7] sigstore has insufficient validation of integration timestamp during verification
[GHSA-vm32-9rqf-rh3r] pnpm no-script global cache poisoning via overrides / `ignore-scripts` evasion
[GHSA-vfm5-rmrh-j26v] Possible Content Security Policy bypass in Action Dispatch
[GHSA-2q97-m5rc-p3gp] CosmWasm VM Incorrect metering
[GHSA-vmqh-5232-v43r] Panic in wasmvm can slow down block production
[GHSA-vmg2-r3xv-r3xf] Simulation of Wasmd message can cause crashing
[GHSA-5462-4vcx-jh7j] Angular Expressions - Remote Code Execution when using locals
[GHSA-4c49-9fpc-hc3v] lxd CA certificate sign check bypass
[GHSA-jpmc-7p9c-4rxf] lxd has a restricted TLS certificate privilege escalation when in PKI mode
[GHSA-c2xf-9v2r-r2rx] Hugo does not escape some attributes in internal templates
[GHSA-c2pc-g5qf-rfrf] league/commonmark's quadratic complexity bugs may lead to a denial of service
[GHSA-xhw3-4j3m-hq53] Winter CMS Modules allows a sandbox bypass in Twig templates leading to data modification and deletion
[GHSA-849r-qrwj-8rv4] Directus allows unauthenticated access to WebSocket events and operations
[GHSA-6vx4-v2jw-qwqh] Trix editor subject to XSS vulnerabilities on copy & paste
CISA Known Exploited Vulnerabilities
 
Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability CVE-2024-49138
Cleo Multiple Products Unrestricted File Upload Vulnerability CVE-2024-50623

The known exploited vulnerabilities list contains vulnerabilities that are known to be actively exploited. They may not be new or recently discovered. Vulnerabilities listed here were added to this list in the past week.
