#dos

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: CompactLogix 5380, ControlLogix 5580, GuardLogix 5580, Compact GuardLogix 5380, CompactLogix 5480 Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could crash the device being accessed. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Rockwell Automation products are affected: CompactLogix 5380 (5069 - L3z): Versions prior to v36.011, v35.013, v34.014 CompactLogix 5480 (5069 - L4): Versions prior to v36.011, v35.013, v34.014 ControlLogix 5580 (1756 - L8z): Versions prior to v36.011, v35.013, v34.014 GuardLogix 5580 (1756 - L8z): Versions prior to v36.011, v35.013, v34.014 Compact GuardLogix 5380 (5069 - L3zS2): Versions prior to v36.011, v35.013, v34.014 3.2 Vulnerability Overview 3.2.1 Improper Input Validation CWE-20 A denial-of-service vulnerability exists in the affected products. A m...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Ocean Data Systems Equipment: Dream Report 2023 Vulnerabilities: Path Traversal, Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to perform remote code execution or escalate their privileges and cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following components of Ocean Data Systems Dream Report, a report generating and delivery software, are affected: Dream Report 2023: Version 23.0.17795.1010 and prior AVEVA Reports for Operations 2023: Version 23.0.17795.1010 3.2 Vulnerability Overview 3.2.1 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22 In Ocean Data Systems Dream Report, a path traversal vulnerability could allow an attacker to perform remote code execution through the injection of a malicious dynamic-link...

**Windows 11, version 24H2 is not generally available yet. Why are there updates for this version of Windows listed in the Security Updates table?** The new Copilot+ devices that are now publicly available come with Windows 11, version 24H2 installed. Customers with these devices need to know about any vulnerabilities that affect their machine and to install the updates if they are not receiving automatic updates. Note that the general availability date for Windows 11, version 24H2 is scheduled for later this year.

**Windows 11, version 24H2 is not generally available yet. Why are there updates for this version of Windows listed in the Security Updates table?** The new Copilot+ devices that are now publicly available come with Windows 11, version 24H2 installed. Customers with these devices need to know about any vulnerabilities that affect their machine and to install the updates if they are not receiving automatic updates. Note that the general availability date for Windows 11, version 24H2 is scheduled for later this year.

**Windows 11, version 24H2 is not generally available yet. Why are there updates for this version of Windows listed in the Security Updates table?** The new Copilot+ devices that are now publicly available come with Windows 11, version 24H2 installed. Customers with these devices need to know about any vulnerabilities that affect their machine and to install the updates if they are not receiving automatic updates. Note that the general availability date for Windows 11, version 24H2 is scheduled for later this year.

**Windows 11, version 24H2 is not generally available yet. Why are there updates for this version of Windows listed in the Security Updates table?** The new Copilot+ devices that are now publicly available come with Windows 11, version 24H2 installed. Customers with these devices need to know about any vulnerabilities that affect their machine and to install the updates if they are not receiving automatic updates. Note that the general availability date for Windows 11, version 24H2 is scheduled for later this year.

**Windows 11, version 24H2 is not generally available yet. Why are there updates for this version of Windows listed in the Security Updates table?** The new Copilot+ devices that are now publicly available come with Windows 11, version 24H2 installed. Customers with these devices need to know about any vulnerabilities that affect their machine and to install the updates if they are not receiving automatic updates. Note that the general availability date for Windows 11, version 24H2 is scheduled for later this year.

Gentoo Linux Security Advisory 202408-33 - Multiple vulnerabilities have been discovered in protobuf-c, the worst of which could result in denial of service. Versions greater than or equal to 1.4.1 are affected.

Gentoo Linux Security Advisory 202408-32 - Multiple vulnerabilities have been discovered in PHP, the worst of which can lead to a denial of service. Versions greater than or equal to 8.1.29:8.1 are affected.

Gentoo Linux Security Advisory 202408-31 - A vulnerability has been discovered in protobuf and protobuf-python, which can lead to a denial of service. Versions greater than or equal to 3.20.3 are affected.