Apple Security Advisory

Magic Keyboard Firmware Update 2.0.6 Security Content

National Cyber Awareness System

Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved CISA Releases Nine Industrial Control Systems Advisories Cisco Releases Security Advisory for Cisco Unity Connection Ivanti Releases Security Update for Connect Secure and Policy Secure Gateways CISA Adds One Known Exploited Vulnerability to Catalog CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA Releases One Industrial Control Systems Advisory Fortinet Releases Security Updates for FortiOS and FortiProxy Microsoft Releases Security Updates for Multiple Products CISA Adds Six Known Exploited Vulnerabilities to Catalog

Ubuntu Security Notices

Xerces-C++ vulnerability: USN-6579-1 OpenSSH vulnerabilities: USN-6560-2 .NET vulnerabilities: USN-6578-1 Go vulnerabilities: USN-6574-1 / USN-6038-2 Firefox regressions: USN-6562-2 Linux kernel (AWS) vulnerabilities: USN-6577-1 Linux kernel vulnerabilities: USN-6549-5 Linux kernel (IoT) vulnerabilities: USN-6548-5 Linux kernel (OEM) vulnerability: USN-6576-1 Twisted vulnerabilities: USN-6575-1 GNU C Library regression: USN-6541-2 Linux kernel (GKE) vulnerabilities: USN-6548-4 Linux kernel (Azure) vulnerabilities: USN-6573-1 / USN-6572-1 Monit vulnerability: USN-6571-1 PostgreSQL vulnerabilities: USN-6570-1 libclamunrar vulnerabilities: USN-6569-1 ClamAV update: USN-6568-1 QEMU vulnerabilities: USN-6567-1 GnuTLS vulnerability: USN-6499-2

Red Hat Security Advisory

Low: openssl security update: RHSA-2024:0208 / RHSA-2024:0154 Important: .NET 6.0 security update: RHSA-2024:0158 / RHSA-2024:0156 Important: .NET 7.0 security update: RHSA-2024:0157 / RHSA-2024:0151 Moderate: gnutls security update: RHSA-2024:0155 Important: .NET 8.0 security update: RHSA-2024:0152 / RHSA-2024:0150 Important: Red Hat Integration Camel K 1.10.5 release and security update: RHSA-2024:0148 Moderate: ipa security update: RHSA-2024:0141 / RHSA-2024:0142 / RHSA-2024:0140 Low: libarchive security update: RHSA-2024:0146 Moderate: idm:DL1 security update: RHSA-2024:0143 / RHSA-2024:0144 / RHSA-2024:0139 / RHSA-2024:0138 / RHSA-2024:0137 Moderate: virt:rhel and virt-devel:rhel security update: RHSA-2024:0135 Moderate: fence-agents security update: RHSA-2024:0133 Important: kernel-rt security update: RHSA-2024:0134 Moderate: frr security update: RHSA-2024:0130 Important: kernel security update: RHSA-2024:0113 Moderate: nss security update: RHSA-2024:0107 / RHSA-2024:0106 / RHSA-2024:0105 / RHSA-2024:0093 Important: OpenShift Container Platform 4.11.56 bug fix and security update: RHSA-2024:0059 Important: OpenShift Container Platform 4.14.8 bug fix and security update: RHSA-2024:0050 Moderate: Red Hat build of Keycloak 22.0.8 enhancement and security update: RHSA-2024:0101 Moderate: Red Hat build of Keycloak 22.0.8 images enhancement and security update: RHSA-2024:0100 Moderate: Red Hat Single Sign-On 7.6.6 security update: RHSA-2024:0098 / RHSA-2024:0096 / RHSA-2024:0095 / RHSA-2024:0094 Moderate: Red Hat Single Sign-On 7.6.6 for OpenShift image enhancement and security update: RHSA-2024:0097 Moderate: Red Hat Single Sign-On 7.6.6 security update on RHEL 9: RHSA-2024:0096 Moderate: Red Hat Single Sign-On 7.6.6 security update on RHEL 8: RHSA-2024:0095 Moderate: Red Hat Single Sign-On 7.6.6 security update on RHEL 7: RHSA-2024:0094 Important: kpatch-patch security update: RHSA-2024:0089 Important: squid security update: RHSA-2024:0071

Cisco Security Advisory

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability Cisco TelePresence Management Suite Cross-Site Scripting Vulnerabilities Cisco ThousandEyes Enterprise Agent Virtual Appliance Privilege Escalation Vulnerability Cisco WAP371 Wireless Access Point Command Injection Vulnerability Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Vulnerabilities Cisco Unity Connection Unauthenticated Arbitrary File Upload Vulnerability Cisco BroadWorks Application Delivery Platform and Xtended Services Platform Stored Cross-Site Scripting Vulnerability

Microsoft Security

Microsoft January 2024 Security Update Guide Chromium: CVE-2024-0333 Insufficient data validation in Extensions Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability: CVE-2024-20675 Adobe Systems Incorporated: CVE-2024-20721 Improper Input Validation Denial of Service Vulnerability Adobe Systems Incorporated: CVE-2024-20709 Javascript Implementation PDF Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability: CVE-2024-21337 BitLocker Security Feature Bypass Vulnerability: CVE-2024-20666 Windows Kerberos Security Feature Bypass Vulnerability: CVE-2024-20674 Microsoft Office Remote Code Execution Vulnerability: CVE-2024-20677 Azure Storage Mover Remote Code Execution Vulnerability: CVE-2024-20676 Microsoft ODBC Driver Remote Code Execution Vulnerability: CVE-2024-20654 Windows Group Policy Elevation of Privilege Vulnerability: CVE-2024-20657 Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability: CVE-2024-20658 Windows Message Queuing Client (MSMQC) Information Disclosure: CVE-2024-20680 / CVE-2024-20663 Windows Cryptographic Services Remote Code Execution Vulnerability: CVE-2024-20682 Win32k Elevation of Privilege Vulnerability: CVE-2024-20683 / CVE-2024-20686 Windows Nearby Sharing Spoofing Vulnerability: CVE-2024-20690 Windows Themes Information Disclosure Vulnerability: CVE-2024-20691 Windows CoreMessaging Information Disclosure Vulnerability: CVE-2024-20694 MITRE: CVE-2022-35737 SQLite allows an array-bounds overflow Windows Libarchive Remote Code Execution Vulnerability: CVE-2024-20696 / CVE-2024-20697 Windows Kernel Elevation of Privilege Vulnerability: CVE-2024-20698 Windows Hyper-V Denial of Service Vulnerability: CVE-2024-20699 Windows Hyper-V Remote Code Execution Vulnerability: CVE-2024-20700 Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability: CVE-2024-21305 Remote Desktop Client Remote Code Execution Vulnerability: CVE-2024-21307 Windows TCP/IP Information Disclosure Vulnerability: CVE-2024-21313 Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability: CVE-2024-21325 .NET Core and Visual Studio Denial of Service Vulnerability: CVE-2024-20672 Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability: CVE-2024-0056 NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability: CVE-2024-0057 Windows HTML Platforms Security Feature Bypass Vulnerability: CVE-2024-20652 Microsoft Common Log File System Elevation of Privilege Vulnerability: CVE-2024-20653 Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability: CVE-2024-20655 Visual Studio Elevation of Privilege Vulnerability: CVE-2024-20656 Microsoft Message Queuing Information Disclosure Vulnerability: CVE-2024-20660 / CVE-2024-20664 / CVE-2024-21314 Microsoft Message Queuing Denial of Service Vulnerability: CVE-2024-20661 Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability: CVE-2024-20662 Windows Server Key Distribution Service Security Feature Bypass: CVE-2024-21316 Windows Subsystem for Linux Elevation of Privilege Vulnerability: CVE-2024-20681 Microsoft AllJoyn API Denial of Service Vulnerability: CVE-2024-20687 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability: CVE-2024-20692 Microsoft Bluetooth Driver Spoofing Vulnerability: CVE-2024-21306 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability: CVE-2024-21309 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability: CVE-2024-21310 Windows Cryptographic Services Information Disclosure Vulnerability: CVE-2024-21311 .NET Framework Denial of Service Vulnerability: CVE-2024-21312 Microsoft SharePoint Server Remote Code Execution Vulnerability: CVE-2024-21318 Microsoft Identity Denial of service vulnerability: CVE-2024-21319 Windows Themes Spoofing Vulnerability: CVE-2024-21320

Github Security Advisories

[GHSA-q6w5-jg5q-47vg] @clerk/nextjs auth() and getAuth() methods vulnerable to insecure direct object reference (IDOR) [GHSA-8qw9-gf7w-42x5] Minor fix to previous patch for CVE-2022-35918 [GHSA-chcr-x7hc-8fp8] Devise-Two-Factor vulnerable to brute force attacks [GHSA-4mq2-gc4j-cmw6] Django Template Engine Vulnerable to XSS [GHSA-8r25-68wm-jw35] Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268) [GHSA-pxmr-q2x3-9x9m] Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269) [GHSA-h374-mm57-879c] Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270) [GHSA-h5c8-rqwp-cp95] Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter [GHSA-rgrf-6mf5-m882] cdo-local-uuid vulnerable to insertion of artifact derived from developer's Present Working Directory into demonstration code [GHSA-2mqj-m65w-jghx] Untrusted search path under some conditions on Windows allows arbitrary code execution [GHSA-449p-3h89-pw88] Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients [GHSA-p4rx-7wvg-fwrc] CRI-O's pods can break out of resource confinement on cgroupv2 [GHSA-g273-wppx-82w4] Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access GDPR extracts [GHSA-c38c-c8mh-vq68] Pimcore Customer Data Framework Improper Access Control allows unprivileged user to access customers duplicates list [GHSA-cx99-25hr-5jxf] Pimcore Ecommerce Framework Bundle Improper Access Control allows unprivileged user to access back-office orders list [GHSA-ppxx-5m9h-6vxf] quic-go's path validation mechanism can be exploited to cause denial of service [GHSA-97x9-59rv-q5pm] Hyperledger Aries Cloud Agent Python result of presentation verification not checked for LDP-VC [GHSA-59j7-ghrg-fj52] Microsoft Security Advisory CVE-2024-21319: .NET Denial of Service Vulnerability [GHSA-4jh3-6jhv-2mgp] react-native-mmkv Insertion of Sensitive Information into Log File vulnerability [GHSA-8g9c-28fc-mcx2] Microsoft Identity Denial of service vulnerability [GHSA-rv9j-c866-gp5h] Microsoft.IdentityModel.Protocols.SignedHttpRequest remote code execution vulnerability [GHSA-pvcr-v8j8-j5q3] Parsing JSON serialized payload without protected field can lead to segfault [GHSA-6673-4983-2vx5] fonttools XML External Entity Injection (XXE) Vulnerability [GHSA-9763-4f94-gfch] CIRCL's Kyber: timing side-channel (kyberslash2) [GHSA-8959-rfxh-r4j4] XWiki vulnerable to Denial of Service attack through attachments [GHSA-rj7p-xjv7-7229] XWiki Remote Code Execution Vulnerability via User Registration [GHSA-xh35-w7wg-95v3] XWiki has no right protection on rollback action [GHSA-c2f4-cvqm-65w2] Puma HTTP Request/Response Smuggling vulnerability [GHSA-mqpq-2p68-46fv] pyload Unauthenticated Flask Configuration Leakage vulnerability [GHSA-ghmw-rwh8-6qmr] pyload Log Injection vulnerability [GHSA-v2v2-hph8-q5xp] @fastify/reply-from JSON Content-Type parsing confusion

CISA Known Exploted Vulnerabilities

Joomla! Improper Access Control Vulnerability CVE-2023-23752 D-Link DSL-2750B Devices Command Injection Vulnerability CVE-2016-20017 Apple Multiple Products Code Execution Vulnerability CVE-2023-41990 Apache Superset Insecure Default Initialization of Resource Vulnerability CVE-2023-27524 Adobe ColdFusion Deserialization of Untrusted Data Vulnerability CVE-2023-29300 Adobe ColdFusion Deserialization of Untrusted Data Vulnerability CVE-2023-38203 Microsoft SharePoint Server Privilege Escalation Vulnerability CVE-2023-29357 Ivanti Connect Secure and Policy Secure Authentication Bypass Vulnerability CVE-2023-46805 Ivanti Connect Secure and Policy Secure Command Injection Vulnerability CVE-2024-21887

The known exploited vulnerabilities list contains vulnerabilities that are known to be activly exploited. They may not be new or recently discovered. Vulnerabilities listed here were added to this list in the past week.