Category: Advisories

What is the Vulnerability?Microsoft Windows contains an NTLMv2 hash spoofing vulnerability (CVE-2024-43451) that could result in disclosing a user's NTLMv2 hash to an attacker via...

FEDORA-2024-70cf80279f Packages in this update: dotnet9.0-9.0.100-1.fc40 Update description: This is the .NET 9.0 GA release. It contains security fixes for CVE-2024-43498 and CVE-2024-43499 Announcement: https://devblogs.microsoft.com/dotnet/announcing-dotnet-9/...

Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A...

A CVSS score 7.5 AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam)' was reported to the affected vendor on: 2024-11-15, 0...

It was discovered that the GD Graphics Library did not perform proper bounds checking while handling BMP and WebP files. If a user were tricked...

A security issue was discovered in Thunderbird, which could result in the disclosure of OpenPGP encrypted messages. https://security-tracker.debian.org/tracker/DSA-5814-1 Read More

Moritz Rauch discovered that the Symfony PHP framework implemented persisted remember-me cookies incorrectly, which could result in authentication bypass. https://security-tracker.debian.org/tracker/DSA-5813-1 Read More

Multiple security issues were discovered in PostgreSQL, which may result in the execution of arbitrary code, privilege escalation or log manipulation. https://security-tracker.debian.org/tracker/DSA-5812-1 Read More

Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2 streams. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-41723) Marten...

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this...