ZDI-23-484: (Pwn2Own) Oracle VirtualBox OHCI USB Controller Uninitialized Memory Information Disclosure Vulnerability

Read Time:12 Second

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.

ZDI-23-485: (Pwn2Own) Oracle VirtualBox OHCI USB Controller Use-After-Free Local Privilege Escalation Vulnerability

Read Time:11 Second

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.

ZDI-23-486: (Pwn2Own) Oracle VirtualBox GPA Request Handling Uninitialized Memory Information Disclosure Vulnerability

Read Time:12 Second

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.

ZDI-23-487: (Pwn2Own) Oracle VirtualBox TPM MMIO Handling Stack-based Buffer Overflow Local Privilege Escalation Vulnerability

Read Time:11 Second

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability.

ZDI-23-451: (Pwn2Own) TP-Link Archer AX21 merge_country_config Command Injection Remote Code Execution Vulnerability

Read Time:8 Second

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability.

ZDI-23-452: (Pwn2Own) TP-Link AX1800 hotplugd Firewall Rule Race Condition Vulnerability

Read Time:9 Second

This vulnerability allows remote attackers to gain access to LAN-side services on affected installations of TP-Link Archer AX21 routers. Authentication is not required to exploit this vulnerability.

chromium-112.0.5615.165-1.fc37

Read Time:15 Second

FEDORA-2023-2b6ba1c253

Packages in this update:

chromium-112.0.5615.165-1.fc37

Update description:

update to 112.0.5615.165. Fixes the following security issues:

CVE-2023-2004 CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 CVE-2023-2033 CVE-2023-2136

chromium-112.0.5615.165-1.el8

Read Time:37 Second

FEDORA-EPEL-2023-221f366aca

Packages in this update:

chromium-112.0.5615.165-1.el8

Update description:

update to 112.0.5615.165. Fixes the following security issues:

CVE-2023-2004 CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 CVE-2023-2033 CVE-2023-2136

update to 112.0.5615.121. Fixes the following security issues:

CVE-2023-2004 CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 CVE-2023-2033

update to 112.0.5615.49. Fixes the following security issues:

CVE-2023-1528 CVE-2023-1529 CVE-2023-1530 CVE-2023-1531 CVE-2023-1532 CVE-2023-1533 CVE-2023-1534, CVE-2023-25193,
CVE-2023-2004

chromium-112.0.5615.165-1.fc36

Read Time:15 Second

FEDORA-2023-fa739b5753

Packages in this update:

chromium-112.0.5615.165-1.fc36

Update description:

update to 112.0.5615.165. Fixes the following security issues:

CVE-2023-2004 CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 CVE-2023-2033 CVE-2023-2136

chromium-112.0.5615.165-1.fc38

Read Time:15 Second

FEDORA-2023-911c060ded

Packages in this update:

chromium-112.0.5615.165-1.fc38

Update description:

update to 112.0.5615.165. Fixes the following security issues:

CVE-2023-2004 CVE-2023-2133 CVE-2023-2134 CVE-2023-2135 CVE-2023-2136 CVE-2023-2137 CVE-2023-2033 CVE-2023-2136

News, Advisories and much more

Exit mobile version