ZDI-24-1640: XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-11950.

USN-7171-1: PHPUnit vulnerability

It was discovered that PHPUnit incorrectly handled web requests if exposed to the internet. An attacker could possibly use this...

December 18, 2024

USN-7168-1: EditorConfig vulnerabilities

It was discovered that EditorConfig improperly managed memory when handling certain inputs, leading to overflows. An attacker could possibly use...

December 18, 2024

dante-1.4.4-1.fc42

FEDORA-2024-e922e33593 Packages in this update: dante-1.4.4-1.fc42 Update description: Automatic update for dante-1.4.4-1.fc42. Changelog * Wed Dec 18 2024 Tim Semeijn...

December 18, 2024