USN-6744-3: Pillow vulnerability

Read Time:24 Second

USN-6744-1 fixed a vulnerability in Pillow. This update
provides the corresponding updates for Ubuntu 24.04 LTS.

Original advisory details:

Hugo van Kemenade discovered that Pillow was not properly performing
bounds checks when processing an ICC file, which could lead to a buffer
overflow. If a user or automated system were tricked into processing a
specially crafted ICC file, an attacker could possibly use this issue
to cause a denial of service or execute arbitrary code.

A Vulnerability in SolarWinds Access Rights Manager Could Allow for Privilege Escalation

A vulnerability has been discovered in SolarWinds Access Rights Manager that could allow for privilege escalation. Successful exploitation of this...

May 15, 2024

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful...

May 15, 2024

USN-6766-2: Linux kernel vulnerabilities

It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations...

May 15, 2024

git-2.45.1-1.fc39

FEDORA-2024-4c06645f07 Packages in this update: git-2.45.1-1.fc39 Update description: update to 2.45.1 Read More

May 15, 2024

git-2.45.1-1.fc40

FEDORA-2024-ecba8476e2 Packages in this update: git-2.45.1-1.fc40 Update description: update to 2.45.1 Read More

May 15, 2024

ZDI-24-456: NI FlexLogger FLXPROJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI FlexLogger. User interaction is required to...

May 15, 2024

Generated by Feedzy

Cyber Security News

Smashing Security podcast #372: The fake deepfake, and Estate insecurity

Cyber-Attack Disrupts Christie’s $840M Art Auctions

PDF Exploitation Targets Foxit Reader Users

Why You Need a Personal VPN

NCSC Expands Election Cybersecurity to Safeguard Candidates and Officials

How To Spot A Fake Facebook Account

Google Expands Synthetic Content Watermarking Tool to AI-Generated Text

Santander Customer Data Compromised Following Third-Party Breach

Current Market Forces Disincentivizing Cybersecurity, Says NCSC CTO

A Vulnerability in SolarWinds Access Rights Manager Could Allow for Privilege Escalation

Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

USN-6766-2: Linux kernel vulnerabilities

git-2.45.1-1.fc39

git-2.45.1-1.fc40

ZDI-24-456: NI FlexLogger FLXPROJ File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability