Read Time:5 Second
FEDORA-2024-b07b0b41ec
Packages in this update:
llama-cpp-b3561-1.fc40
Update description:
Update to b3561
Category Archives: Advisories
python-quart-0.19.8-1.fc40
Read Time:21 Second
FEDORA-2024-51bff89a25
Packages in this update:
python-quart-0.19.8-1.fc40
Update description:
Security fix for GHSA-q34m-jh98-gwm2.
0.19.8 2024-10-25
Bugfix: Fix missing check that caused the previous fix to raise an error.
0.19.7 2024-10-25
Security Fix: how max_form_memory_size is applied when parsing large non-file fields. https://github.com/advisories/GHSA-q34m-jh98-gwm2
python-quart-0.19.8-1.fc41
Read Time:21 Second
FEDORA-2024-2f78bf0769
Packages in this update:
python-quart-0.19.8-1.fc41
Update description:
Security fix for GHSA-q34m-jh98-gwm2.
0.19.8 2024-10-25
Bugfix: Fix missing check that caused the previous fix to raise an error.
0.19.7 2024-10-25
Security Fix: how max_form_memory_size is applied when parsing large non-file fields. https://github.com/advisories/GHSA-q34m-jh98-gwm2
DSA-5798-1 activemq – security update
Read Time:9 Second
Christoper L. Shannon discovered that the implementation of the OpenWire
protocol in Apache ActiveMQ was susceptible to the execution of
arbitrary code.
python-single-version-1.6.0-1.fc40
Read Time:6 Second
FEDORA-2024-e82145eb25
Packages in this update:
python-single-version-1.6.0-1.fc40
Update description:
Initial import
SEC Consult SA-20241024-0 :: Unauthenticated Path Traversal Vulnerability in Lawo AG – vsm LTC Time Sync (vTimeSync) (CVE-2024-6049)
Read Time:17 Second
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 24
SEC Consult Vulnerability Lab Security Advisory < 20241024-0 >
=======================================================================
title: Unauthenticated Path Traversal Vulnerability
product: Lawo AG – vsm LTC Time Sync (vTimeSync)
vulnerable version: <4.5.6.0
fixed version: 4.5.6.0
CVE number: CVE-2024-6049
impact: high
homepage:…
[RESEARCH] DTLS ‘ClientHello’ Race Conditions in WebRTC Implementations
Read Time:19 Second
Posted by Sandro Gauci via Fulldisclosure on Oct 24
Dear Full Disclosure community,
We’ve released a white paper detailing a critical vulnerability affecting multiple WebRTC implementations: “DTLS
‘ClientHello’ Race Conditions in WebRTC Implementations”.
White paper: https://www.enablesecurity.com/research/webrtc-hello-race-conditions-paper.pdf
Key points:
1. Vulnerability: Failure to properly verify the origin of DTLS “ClientHello” messages in WebRTC…
Adversary3 updated with 700 malware and C2 panel vulnerabilities
Read Time:10 Second
Posted by malvuln on Oct 24
Adversary3 malware vulnerability intel tool for third-party attackers
living off malware (LOM), updated with 700 malware and C2 panel
vulnerabilities
https://github.com/malvuln/Adversary3
Thanks,
malvuln
DSA-5797-1 twisted – security update
Read Time:11 Second
Multiple security issues were found in Twisted, an event-based framework
for internet applications, which could result in incorrect ordering of
HTTP requests or cross-site scripting.
DSA-5796-1 libheif – security update
Read Time:12 Second
Multiple security issues were found in libheif, a library to parse HEIF
and AVIF files, which could result in denial of service or potentially
the execution of arbitrary code.