It was discovered that the Apache HTTP Server incorrectly handled certain
handlers configured via AddType. A remote attacker could possibly use this
issue to obtain source code.

Read More

FEDORA-EPEL-2024-83f366789c

Packages in this update:

chromium-126.0.6478.182-1.el9

Update description:

update to 126.0.6478.182

High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8

Read More

FEDORA-EPEL-2024-9c9b1cba1b

Packages in this update:

chromium-126.0.6478.182-1.el8

Update description:

update to 126.0.6478.182

High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8

Read More

FEDORA-2024-2a56aeb66b

Packages in this update:

chromium-126.0.6478.182-1.fc40

Update description:

update to 126.0.6478.182

High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8

Read More

FEDORA-2024-d9916cb7e2

Packages in this update:

chromium-126.0.6478.182-1.fc39

Update description:

update to 126.0.6478.182

High CVE-2024-6772: Inappropriate implementation in V8
High CVE-2024-6773: Type Confusion in V8
High CVE-2024-6774: Use after free in Screen Capture
High CVE-2024-6775: Use after free in Media Stream
High CVE-2024-6776: Use after free in Audio
High CVE-2024-6777: Use after free in Navigation
High CVE-2024-6778: Race in DevTools
High CVE-2024-6779: Out of bounds memory access in V8

Read More

It was discovered that stunnel did not properly validate client
certificates when configured to use both the redirect and verifyChain
options. A remote attacker could potentially use this issue to obtain
sensitive information by accessing the tunneled service.

Read More

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-6812.

Read More

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-6811.

Read More

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-6813.

Read More

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-6814.

Read More