This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-11950.
Monthly Archives: December 2024
DSA-5823-1 webkit2gtk – security update
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2024-44308
Clement Lecigne and Benoit Sevens discovered that processing
maliciously crafted web content may lead to arbitrary code
execution. Apple is aware of a report that this issue may have
been actively exploited on Intel-based Mac systems.
CVE-2024-44309
Clement Lecigne and Benoit Sevens discovered that processing
maliciously crafted web content may lead to a cross-site scripting
attack. Apple is aware of a report that this issue may have been
actively exploited on Intel-based Mac systems.
DSA-5815-2 needrestart – regression update
The update for needrestart announced as DSA 5815-1 introduced a
regression reporting false positives for processes running in chroot or
mountns. Updated packages are now available to correct this issue.
DSA-5822-1 simplesamlphp – security update
It was discovered that SimpleSAMLphp, an implementation of the SAML
2.0 protocol, is prone to an XXE vulnerability when loading an
(untrusted) XML document.
retsnoop-0.10.1-3.el9
FEDORA-EPEL-2024-a5d5bf3d08
Packages in this update:
retsnoop-0.10.1-3.el9
Update description:
Rebuild affected applications with ruzstd v0.7.3 to address RUSTSEC-2024-0400.
retsnoop-0.10.1-3.el10_0
FEDORA-EPEL-2024-6392f1c6e3
Packages in this update:
retsnoop-0.10.1-3.el10_0
Update description:
Rebuild affected applications with ruzstd v0.7.3 to address RUSTSEC-2024-0400.
retsnoop-0.10.1-3.fc40 rust-rbspy-0.24.0-3.fc40
FEDORA-2024-ccce2763b0
Packages in this update:
retsnoop-0.10.1-3.fc40
rust-rbspy-0.24.0-3.fc40
Update description:
Rebuild affected applications with ruzstd v0.7.3 to address RUSTSEC-2024-0400.
retsnoop-0.10.1-3.fc41 rust-rbspy-0.24.0-3.fc41
FEDORA-2024-aa246ab1a3
Packages in this update:
retsnoop-0.10.1-3.fc41
rust-rbspy-0.24.0-3.fc41
Update description:
Rebuild affected applications with ruzstd v0.7.3 to address RUSTSEC-2024-0400.
retsnoop-0.10.1-3.fc42 rust-rbspy-0.24.0-3.fc42
FEDORA-2024-b73f521265
Packages in this update:
retsnoop-0.10.1-3.fc42
rust-rbspy-0.24.0-3.fc42
Update description:
Rebuild affected applications with ruzstd v0.7.3 to address RUSTSEC-2024-0400.
rust-rustls-0.23.19-1.el9
FEDORA-EPEL-2024-a3bbb42db3
Packages in this update:
rust-rustls-0.23.19-1.el9
Update description:
Update to version 0.23.19.
This version includes a fix for RUSTSEC-2024-0399.