Read Time:8 Second
FEDORA-2024-5abfdba2b7
Packages in this update:
mingw-python-waitress-2.1.2-7.fc40
Update description:
Backport fixes for CVE-2024-49768 and CVE-2024-49769.
Category Archives: Advisories
python-aiohttp-3.9.5-2.el9
Read Time:7 Second
FEDORA-EPEL-2024-7ac44bd3cc
Packages in this update:
python-aiohttp-3.9.5-2.el9
Update description:
Security fix for CVE-2024-52304
python-aiohttp-3.9.5-2.fc39
Read Time:7 Second
FEDORA-2024-8c3c0913dc
Packages in this update:
python-aiohttp-3.9.5-2.fc39
Update description:
Security fix for CVE-2024-52304
ZDI-24-1515: (0Day) Hugging Face Transformers Trax Model Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-11394.
ZDI-24-1514: (0Day) Hugging Face Transformers MaskFormer Model Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-11393.
ZDI-24-1513: (0Day) Hugging Face Transformers MobileViTV2 Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-11392.
python-aiohttp-3.9.5-2.fc40
Read Time:7 Second
FEDORA-2024-04ceb82dc7
Packages in this update:
python-aiohttp-3.9.5-2.fc40
Update description:
Security fix for CVE-2024-52304
python-aiohttp-3.10.5-3.fc41
Read Time:7 Second
FEDORA-2024-49df7093ac
Packages in this update:
python-aiohttp-3.10.5-3.fc41
Update description:
Security fix for CVE-2024-52304
libsndfile-1.2.2-5.fc41
Read Time:8 Second
FEDORA-2024-1318318e7a
Packages in this update:
libsndfile-1.2.2-5.fc41
Update description:
fix crash in in ogg vorbis (#2322326) (CVE-2024-50612)
Multiple Vulnerabilities in Palo Alto PAN-OS Could Allow for Authentication Bypass
Read Time:17 Second
Multiple vulnerabilities have been discovered in Palo Alto PAN-OS, the most severe of which could allow for authentication bypass. PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls. Successful exploitation could allow for authentication bypass with administrator privileges. An attacker could then install programs; view, change, or delete data.