Security Advisories
A collection of security advisories disclosed by Evolved Threat researchers.
Apple Music Arbitrary JavaScript Execution
MEDIUM CVE-2024-23829
By Dominik Penner
DESCRIPTION
A vulnerability in Apple Music for Windows allows arbitrary JavaScript execution through maliciously crafted content.
AFFECTING
- Apple Music • TBD for Windows
Pexip Infinity Connect Arbitrary JavaScript Execution
MEDIUM CVE-2024-25973
By Dominik Penner & Jake Bolam
DESCRIPTION
A vulnerability in Pexip Infinity Connect allows arbitrary JavaScript execution through the application's interface.
AFFECTING
- Pexip Infinity Connect • 1.13.0 for Windows, macOS, Linux, Android, iOS
Maltego XML External Entity Injection
MEDIUM CVE-2020-35707
By Dominik Penner
DESCRIPTION
A vulnerability in Maltego allows XML external entity injection attacks through malformed input.
AFFECTING
- Maltego • 4.2.12
KDE Ark Directory Traversal Command Execution
MEDIUM CVE-2019-14743
By Dominik Penner
DESCRIPTION
A vulnerability in KDE Ark allows directory traversal and command execution through malicious archive files.
AFFECTING
- KDE Ark • 20.08.0