MacOS Local Privilege Escalation Exploitable through Cisco AnyConnect Secure Mobility Client

THIS DOCUMENT IS PROVIDED ON AN “AS IS” BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.

A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-10698 : TENDA AC6 15.03.05.19 /GOFORM/SETONLINEDEVNAME FORMSETDEVICENAME DEVNAME STACK-BASED OVERFLOW

CVE-2024-10698 : TENDA AC6 15.03.05.19 /GOFORM/SETONLINEDEVNAME FORMSETDEVICENAME DEVNAME STACK-BASED OVERFLOW

Description A vulnerability was found in Tenda AC6 15.03.05.19 and classified as critical. Affected by this issue is the function

CVE-2024-41745 : IBM CICS TX STANDARD 11.1 WEB UI CROSS SITE SCRIPTING

CVE-2024-41745 : IBM CICS TX STANDARD 11.1 WEB UI CROSS SITE SCRIPTING

Description IBM CICS TX Standard is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript

CVE-2024-49770 : OAK UP TO 17.1.2 API CONTEXT.SEND PATH TRAVERSAL

CVE-2024-49770 : OAK UP TO 17.1.2 API CONTEXT.SEND PATH TRAVERSAL

Description `oak` is a middleware framework for Deno’s native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and