This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
Monthly Archives: August 2023
ZDI-23-1280: D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability
This vulnerability allows network-adjacent attackers to make unauthorized changes to device configuration on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability.
ZDI-23-1221: LG LED Assistant upload Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability.
ZDI-23-1222: LG LED Assistant setThumbnailRc Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability.
ZDI-23-1223: LG LED Assistant thumbnail Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability.
ZDI-23-1224: LG LED Assistant updateFile Directory Traversal Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability.
DSA-5483 chromium – security update
Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
USN-6307-1: JOSE for C/C++ vulnerability
It was discovered that the JOSE for C/C++ AES GCM decryption routine incorrectly uses the Tag length from the actual Authentication Tag provided in the JWE. An attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information.
kubernetes-1.27.5-1.fc39
FEDORA-2023-8f8ddb2428
Packages in this update:
kubernetes-1.27.5-1.fc39
Update description:
Updates to Kubernetes for F38 and F39. Security fixes for CVE-2023-3955 and CVE-2023-3676. Related update for rawhide already in stable. Update for F37 is currently in COPR at https://copr.fedorainfracloud.org/coprs/buckaroogeek/copr-k8s-1.25/ due to a golang blocker.
kubernetes-1.26.8-1.fc38
FEDORA-2023-a3fcc0751f
Packages in this update:
kubernetes-1.26.8-1.fc38
Update description:
Updates to Kubernetes for F38 and F39. Security fixes for CVE-2023-3955 and CVE-2023-3676. Related update for rawhide already in stable. Update for F37 is currently in COPR at https://copr.fedorainfracloud.org/coprs/buckaroogeek/copr-k8s-1.25/ due to a golang blocker.