![]() ![]() This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. NOTE: it is a documented risk that the IJS server can be specified on a gs command line (the IJS device inherently must execute a command to start the IJS server). In Artifex Ghostscript through 10.01.2, gdevijs.c in GhostPDL can lead to remote code execution via crafted PostScript documents because they can switch to the IJS device, or change the IjsServer parameter, after SAFER has been activated. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. A local attacker may be able to elevate their privileges. This issue is fixed in macOS Monterey 12.7, macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. ![]() The issue was addressed with improved checks. ![]() Processing web content may lead to arbitrary code execution. This issue is fixed in Safari 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40713. Sensitive information disclosure due to insecure folder permissions. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |