USN-6945-1: wpa_supplicant and hostapd vulnerability
Rory McNamara discovered that wpa_supplicant could be made to load arbitrary shared objects by unprivileged users that have access to the control interface. An attacker...
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser...
tor-0.4.8.12-2.el8
FEDORA-EPEL-2024-2d8a766d53 Packages in this update: tor-0.4.8.12-2.el8 Update description: Re-add systemd-devel as build dependency so the daemon knows how to notify systemd that it was started...
tor-0.4.8.12-2.el9
FEDORA-EPEL-2024-4188096f1c Packages in this update: tor-0.4.8.12-2.el9 Update description: Re-add systemd-devel as build dependency so the daemon knows how to notify systemd that it was started...
tor-0.4.8.12-2.fc39
FEDORA-2024-c2da7f4de7 Packages in this update: tor-0.4.8.12-2.fc39 Update description: Re-add systemd-devel as build dependency so the daemon knows how to notify systemd that it was started...
tor-0.4.8.12-2.fc40
FEDORA-2024-3f9eb3c86c Packages in this update: tor-0.4.8.12-2.fc40 Update description: Re-add systemd-devel as build dependency so the daemon knows how to notify systemd that it was started...
ZDI-24-1099: Apache OFBiz resolveURI Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Apache OFBiz. Authentication is not required to exploit this vulnerability. The ZDI has...
ZDI-24-1098: (0Day) Microsoft Windows Error Reporting Service Missing Authorization Arbitrary Process Termination Vulnerability
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute...
ZDI-24-1097: (0Day) Microsoft GitHub Dev-Containers Improper Privilege Management Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on Microsoft GitHub. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating...
ZDI-24-1096: (0Day) Microsoft Office Visio EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in...