Read Time:8 Second
FEDORA-EPEL-2024-9376ff0291
Packages in this update:
openvpn-2.5.11-1.el9
Update description:
Update to upstream OpenVPN 2.5.11
Fixes CVE-2024-5594
Category Archives: Advisories
Oracle Quarterly Critical Patches Issued July 16, 2024
Read Time:6 Second
Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution.
USN-6902-1: Apache HTTP Server vulnerability
Read Time:8 Second
It was discovered that the Apache HTTP Server incorrectly handled certain
handlers configured via AddType. A remote attacker could possibly use this
issue to obtain source code.
chromium-126.0.6478.182-1.el9
Read Time:29 Second
FEDORA-EPEL-2024-83f366789c
Packages in this update:
chromium-126.0.6478.182-1.el9
Update description:
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
chromium-126.0.6478.182-1.el8
Read Time:29 Second
FEDORA-EPEL-2024-9c9b1cba1b
Packages in this update:
chromium-126.0.6478.182-1.el8
Update description:
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
chromium-126.0.6478.182-1.fc40
Read Time:28 Second
FEDORA-2024-2a56aeb66b
Packages in this update:
chromium-126.0.6478.182-1.fc40
Update description:
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
chromium-126.0.6478.182-1.fc39
Read Time:28 Second
FEDORA-2024-d9916cb7e2
Packages in this update:
chromium-126.0.6478.182-1.fc39
Update description:
update to 126.0.6478.182
High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8
USN-6901-1: stunnel vulnerability
Read Time:12 Second
It was discovered that stunnel did not properly validate client
certificates when configured to use both the redirect and verifyChain
options. A remote attacker could potentially use this issue to obtain
sensitive information by accessing the tunneled service.
ZDI-24-904: IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:16 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-6812.
ZDI-24-903: IrfanView WSQ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:16 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-6811.