A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.7, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.

A logic issue was addressed with improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4. A user's locked tabs may be briefly visible while switching tab groups when Locked Private Browsing is enabled.

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 17.4 and iPadOS 17.4. An app may be able to read sensitive location information.

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.

Dell PowerScale OneFS 8.2.x through 9.6.0.x contain an insufficient logging vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, causing audit messages lost and not recorded for a specific time period.

Dell PowerScale OneFS 8.2.x through 9.6.0.x contains a use of a broken or risky cryptographic algorithm vulnerability. A remote unprivileged attacker could potentially exploit this vulnerability, leading to compromise of confidentiality and integrity of sensitive information

Stored XSS Vulnerability in M-Files Web versions before 23.8 allows attacker to execute script on users browser via stored HTML document within limited time period.

Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220.

Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through <= 7.2.0.

Server-Side Request Forgery (SSRF) vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through <= 7.2.0.

Insertion of Sensitive Information Into Sent Data vulnerability in tainacan Tainacan tainacan.This issue affects Tainacan: from n/a through <= 0.20.6.

Cross-Site Request Forgery (CSRF) vulnerability in Manish Kumar Agarwal Change Table Prefix change-table-prefix allows Cross Site Request Forgery.This issue affects Change Table Prefix: from n/a through <= 2.0.

A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges. This disparity in privilege levels poses a risk when privileged root processes interact with directories or directory trees owned by unprivileged PCP users. Specifically, this vulnerability may lead to the compromise of PCP user isolation and facilitate local PCP-to-root exploits, particularly through symlink attacks. These vulnerabilities underscore the importance of maintaining robust privilege separation mechanisms within PCP to mitigate the potential for unauthorized privilege escalation.

In the module "Product Catalog (CSV, Excel) Import" (simpleimportproduct) <= 6.7.0 from MyPrestaModules for PrestaShop, a guest can upload files with extensions .php.

Improper access control in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an authenticated user to potentially enable escalation of privilege via local access.

Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Improper neutralization in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Insufficient control flow management in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unauthenticated user to potentially enable information disclosure via network access.

Uncaught exception in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow a privileged user to potentially enable denial of service via local access.

Improper input validation in some Intel(R) Ethernet Adapters and Intel(R) Ethernet Controller I225 Manageability firmware may allow an unauthenticated user to potentially enable denial of service via network access.

Denial of service condition in M-Files Server in versions before 24.2 (excluding 23.2 SR7 and 23.8 SR5) allows anonymous user to cause denial of service against other anonymous users.

Sametime Connect desktop chat client includes, but does not use or require, the use of an Eclipse feature called Secure Storage. Using this Eclipse feature to store sensitive data can lead to exposure of that data.

Unauthenticated remote attackers can access the system through the LoadMaster management interface, enabling arbitrary system command execution.