ZDI-24-1369: Zimbra GraphQL Cross-Site Request Forgery Information Disclosure Vulnerability

Read Time:15 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Zimbra. User interaction is required to exploit this vulnerability in that the target must open a malicious email message. The ZDI has assigned a CVSS rating of 6.5. The following CVEs are assigned: CVE-2024-9665.

edk2-20240813-2.fc40

FEDORA-2024-45df72afc6 Packages in this update: edk2-20240813-2.fc40 Update description: Security fix for CVE-2023-6237 (openssl: Excessive time spent checking invalid RSA public...

October 11, 2024

edk2-20240813-2.fc41

FEDORA-2024-9cc95d56ce Packages in this update: edk2-20240813-2.fc41 Update description: Security fix for CVE-2023-6237 (openssl: Excessive time spent checking invalid RSA public...

October 11, 2024

USN-7063-1: Ubuntu Advantage Desktop Daemon vulnerability

Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon leaked the Pro token to unprivileged users by passing the token...

October 11, 2024

glibc-2.38-19.fc39

FEDORA-2024-df41d584d0 Packages in this update: glibc-2.38-19.fc39 Update description: Auto-sync with upstream branch release/2.38/master Add BuildRequires:gzip for compressed character maps and...

October 11, 2024