Read Time:7 Second
FEDORA-2023-9d8fcaee88
Packages in this update:
firefox-115.0.2-1.fc37
Update description:
Updated to latest upstream (115.0.2)
Enabled LTO
Daily Archives: July 18, 2023
firefox-115.0.2-1.fc38
Read Time:7 Second
FEDORA-2023-d5759f1edb
Packages in this update:
firefox-115.0.2-1.fc38
Update description:
Updated to latest upstream (115.0.2)
Enabled LTO
CVE-2015-10122
Read Time:24 Second
A vulnerability was found in wp-donate Plugin up to 1.4 on WordPress. It has been classified as critical. This affects an unknown part of the file includes/donate-display.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. Upgrading to version 1.5 is able to address this issue. The identifier of the patch is 019114cb788d954c5d1b36d6c62418619e93a757. It is recommended to upgrade the affected component. The identifier VDB-234249 was assigned to this vulnerability.
ZDI-23-971: (Pwn2Own) Tesla Model 3 bcmdhd Out-Of-Bounds Write Local Privilege Escalation Vulnerability
Read Time:10 Second
This vulnerability allows local attackers to escalate privileges on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute code on the wifi subsystem in order to exploit this vulnerability.
ZDI-23-972: (Pwn2Own) Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability
Read Time:12 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in order to exploit this vulnerability.
ZDI-23-973: (Pwn2Own) Tesla Model 3 bsa_server BIP Heap-based Buffer Overflow Arbitrary Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability.
CVE-2021-43072
Read Time:45 Second
A buffer copy without checking size of input (‘classic buffer overflow’) in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol.
CVE-2020-36695
Read Time:30 Second
Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager – Agent for RAID, Hitachi Tuning Manager – Agent for NAS
components), Hitachi Compute Systems Manager on Linux allows File Manipulation.This issue affects Hitachi Device Manager: before 8.8.5-02; Hitachi Tiered Storage Manager: before 8.8.5-02; Hitachi Replication Manager: before 8.8.5-02; Hitachi Tuning Manager: before 8.8.5-02; Hitachi Compute Systems Manager: before 8.8.3-08.