FEDORA-2024-020937763e
Packages in this update:
moodle-4.3.5-1.fc40
Update description:
Fix for multiple CVEs
moodle-4.3.5-1.fc40
Fix for multiple CVEs
moodle-4.3.5-1.fc39
Fix for multiple CVEs
UK-based gym chain Total Fitness has been accused of sloppy security, following the discovery of an unsecured database containing the images of 470,000 members and staff – all accessible to anyone on the internet, no password required.
Read more in my article on the Hot for Security blog.
kitty-0.35.1-4.fc41
Automatic update for kitty-0.35.1-4.fc41.
* Mon Jun 17 2024 Pavel Solovev <daron439@gmail.com> – 0.35.1-4
– rebuild for rhbz#2292712
Multiple vulnerabilities have been discovered in VMware vCenter Server and Cloud Foundation, the most severe of which could allow for remote code execution. VMware vCenter Server is the centralized management utility for VMware. VMware Cloud Foundation is a multi-cloud platform that provides a full-stack hyperconverged infrastructure (HCI) that is made for modernizing data centers and deploying modern container-based applications. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the administrator account. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
A Barracuda report found that 92% of organizations experienced an average of six credential compromises caused by email-based social engineering attacks in 2023
Recorded Future has found that Vortax, a purported virtual meeting software, is actually malicious software spreading three information stealers
VMware has disclosed critical vulnerabilities impacting its VMware vSphere and VMware Cloud Foundation products, with patches available for customers
ghostscript-10.02.1-4.fc39
Fix for issues in gating
Security fix for CVE-2024-33871
Salt Security study finds 23% of organizations suffered a breach via production APIs in 2023