Several security issues were discovered in the WebKitGTK Web and JavaScript
engines. If a user were tricked into viewing a malicious website, a remote
attacker could exploit a variety of issues related to web browser security,
including cross-site scripting attacks, denial of service attacks, and
arbitrary code execution.
mingw-python3-3.11.10-2.fc40
Backport fix for CVE-2024-9287
Update to python-3.11.0.
mingw-python3-3.11.10-2.fc41
Backport fix for CVE-2024-9287
Update to python-3.11.0.
mingw-libsoup-2.74.3-8.fc40
Backport fixes for CVE-2024-52530 and CVE-2024-52532.
mingw-libsoup-2.74.3-8.fc41
Backport fixes for CVE-2024-52530 and CVE-2024-52532.
mingw-glib2-2.82.2-1.fc41
Update to 2.82.2, fixes CVE-2024-52533.
mingw-glib2-2.82.2-1.fc40
Update to 2.82.2, fixes CVE-2024-52533.
This vulnerability allows remote attackers to bypass authentication on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-7763.
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH
did not properly handle the extension info message. An attacker able to
intercept communications could possibly use this issue to downgrade
the algorithm used for client authentication. (CVE-2023-46445)
Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH
did not properly handle the user authentication request message. An
attacker could possibly use this issue to control the remote end of an SSH
client session via packet injection/removal and shell emulation.
(CVE-2023-46446)
cobbler3.2-3.2.3-1.el8
Update to 3.2.3 – CVE-2024-47533
