Read Time:8 Second
It was discovered that the Apache HTTP Server incorrectly handled certain
handlers configured via AddType. A remote attacker could possibly use this
issue to obtain source code.
Monthly Archives: July 2024
US Data Breach Victim Numbers Surge 1170% Annually
Read Time:6 Second
New figures reveal a massive 1170% increase in people impacted by data breaches in Q2 2024 versus a year ago
UK Government Set to Introduce New Cyber Security and Resilience Bill
Read Time:4 Second
A new UK Cyber Security and Resilience Bill will update the NIS Regulations
chromium-126.0.6478.182-1.el9
Read Time:29 Second
FEDORA-EPEL-2024-83f366789c
Packages in this update:
chromium-126.0.6478.182-1.el9
Update description:
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
chromium-126.0.6478.182-1.el8
Read Time:29 Second
FEDORA-EPEL-2024-9c9b1cba1b
Packages in this update:
chromium-126.0.6478.182-1.el8
Update description:
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
chromium-126.0.6478.182-1.fc40
Read Time:28 Second
FEDORA-2024-2a56aeb66b
Packages in this update:
chromium-126.0.6478.182-1.fc40
Update description:
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
chromium-126.0.6478.182-1.fc39
Read Time:28 Second
FEDORA-2024-d9916cb7e2
Packages in this update:
chromium-126.0.6478.182-1.fc39
Update description:
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
USN-6901-1: stunnel vulnerability
Read Time:12 Second
It was discovered that stunnel did not properly validate client
certificates when configured to use both the redirect and verifyChain
options. A remote attacker could potentially use this issue to obtain
sensitive information by accessing the tunneled service.
ZDI-24-905: SolarWinds Access Rights Manager deleteTransferFile Directory Traversal Arbitrary File Deletion and Information Disclosure Vulnerability
Read Time:14 Second
This vulnerability allows remote attackers to delete arbitrary files and disclose sensitive information on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.6. The following CVEs are assigned: CVE-2024-28992.
ZDI-24-906: SolarWinds Access Rights Manager createGlobalServerChannelInternal Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:13 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 10.0. The following CVEs are assigned: CVE-2024-28074.