#js

An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute SMM memory corruption.

Stack-based Buffer Overflow in vulnerability HDCP trustlet prior to SMR Oct-2023 Release 1 allows attacker to perform code execution.

Red Hat OpenShift Container Platform release 4.12.36 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2253: A flaw was found in the `/v2/_catalog` endpoint in distribution/distribution, which accepts a parameter to control the maximum number of records returned (query string: `n`). This vul...

### Summary Presto JDBC is vulnerable to Server-Side Request Forgery (SSRF) when connecting a remote Presto server. An attacker can modify the nextUri parameter to internal server in response content that Presto JDBC client will request next and view sensitive information from highly sensitive internal servers or perform a local port scan. ### Details The Presto protocol has a nextUri parameter that specifies which URI the client will request next to obtain more query data. Presto JDBC will directly use the nextUri returned by the remote Presto server as the URL for the next request. So if a malicious server modify the nextUri parameter to the internal server, JDBC will request it and cause SSRF. For unexpected responses, JDBC will put the response body into the error. So the response of the internal server will be leaked if the server also returns the error directly to the user. The relevant code is in file path `/presto-client/src/main/java/com/facebook/presto/client/StatementC...

SAP Enable Now Manager version 10.6.5 Build 2804 Cloud Edition suffers from cross site request forgery, cross site scripting, and open redirection vulnerabilities.

openVIVA c2 suffers from a persistent cross site scripting vulnerability. Versions prior to 20220801 are affected.

Red Hat Security Advisory 2023-5414-01 - An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important.

Apple Security Advisory 09-26-2023-9 - tvOS 17 addresses bypass, code execution, out of bounds read, and use-after-free vulnerabilities.

Apple Security Advisory 09-26-2023-8 - watchOS 10 addresses bypass, code execution, out of bounds read, spoofing, and use-after-free vulnerabilities.

Apple Security Advisory 09-26-2023-5 - macOS Monterey 12.7 addresses code execution and out of bounds read vulnerabilities.