This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-20734.
Monthly Archives: February 2024
ZDI-24-168: Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-20728.
ZDI-24-169: Adobe Audition AVI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Audition. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-20739.
syncthing-1.27.3-1.el8
FEDORA-EPEL-2024-10430622fd
Packages in this update:
syncthing-1.27.3-1.el8
Update description:
Update to version 1.27.3.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.27.3
This update also addresses CVE-2023-49295 in quic-go: https://github.com/quic-go/quic-go/security/advisories/GHSA-ppxx-5m9h-6vxf
syncthing-1.27.3-1.el9
FEDORA-EPEL-2024-f808902932
Packages in this update:
syncthing-1.27.3-1.el9
Update description:
Update to version 1.27.3.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.27.3
This update also addresses CVE-2023-49295 in quic-go: https://github.com/quic-go/quic-go/security/advisories/GHSA-ppxx-5m9h-6vxf
20+ hospitals in Romania hit hard by ransomware attack on IT service provider
Over 20 hospitals in Bucharest have reportedly been impacted by a ransomware attack after cybercriminals targeted an IT service provider. As a consequence medical staff have been forced to use pen-and-paper rather than computer systems.
syncthing-1.27.3-1.fc38
FEDORA-2024-b93312a597
Packages in this update:
syncthing-1.27.3-1.fc38
Update description:
Update to version 1.27.3.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.27.3
This update also addresses CVE-2023-49295 in quic-go: https://github.com/quic-go/quic-go/security/advisories/GHSA-ppxx-5m9h-6vxf
syncthing-1.27.3-1.fc39
FEDORA-2024-c46536abe6
Packages in this update:
syncthing-1.27.3-1.fc39
Update description:
Update to version 1.27.3.
Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.27.3
This update also addresses CVE-2023-49295 in quic-go: https://github.com/quic-go/quic-go/security/advisories/GHSA-ppxx-5m9h-6vxf
freeglut-3.4.0-7.fc38
FEDORA-2024-0356803680
Packages in this update:
freeglut-3.4.0-7.fc38
Update description:
Patch for CVE-2024-24258 and CVE-2024-24259
freeglut-3.4.0-7.fc39
FEDORA-2024-b69a4d75a1
Packages in this update:
freeglut-3.4.0-7.fc39
Update description:
Patch for CVE-2024-24258 and CVE-2024-24259