Read Time:6 Second
FEDORA-2024-a4392c5143
Packages in this update:
yt-dlp-2024.07.02-1.fc39
Update description:
Update to 2024.07.02
Category Archives: Advisories
yt-dlp-2024.07.02-1.fc40
Read Time:6 Second
FEDORA-2024-0ba1c1a435
Packages in this update:
yt-dlp-2024.07.02-1.fc40
Update description:
Update to 2024.07.02
USN-6877-1: LibreOffice vulnerability
Read Time:10 Second
It was discovered that LibreOffice incorrectly performed TLS certificate
verification when the LibreOfficeKit library is being used by third-party
components. A remote attacker could possibly use this issue to obtain
sensitive information.
python3.6-3.6.15-29.fc39
Read Time:7 Second
FEDORA-2024-7bba7e65d3
Packages in this update:
python3.6-3.6.15-29.fc39
Update description:
Security fix for CVE-2024-4032 (rhbz#2293394)
python3.6-3.6.15-31.fc40
Read Time:7 Second
FEDORA-2024-732aedeb4d
Packages in this update:
python3.6-3.6.15-31.fc40
Update description:
Security fix for CVE-2024-4032 (rhbz#2293394)
python3.6-3.6.15-31.fc41
Read Time:15 Second
FEDORA-2024-8761735ee2
Packages in this update:
python3.6-3.6.15-31.fc41
Update description:
Automatic update for python3.6-3.6.15-31.fc41.
Changelog
* Tue Jul 2 2024 Lumír Balhar <lbalhar@redhat.com> – 3.6.15-31
– Security fix for CVE-2024-4032 (rhbz#2293394)
CyberDanube Security Research 20240703-0 | Authenticated Command Injection in Helmholz Industrial Router REX100
Read Time:14 Second
Posted by Thomas Weber via Fulldisclosure on Jul 03
CyberDanube Security Research 20240703-0
——————————————————————————-
title| Authenticated Command Injection
product| Helmholz Industrial Router REX100
| MBConnectline mbNET.mini
vulnerable version| <= 2.2.11
fixed version| 2.2.13
CVE number| CVE-2024-5672
impact| High
homepage|…
SEC Consult SA-20240627-0 :: Local Privilege Escalation via MSI installer in SoftMaker Office / FreeOffice
Read Time:15 Second
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jul 03
SEC Consult Vulnerability Lab Security Advisory < 20240627-0 >
=======================================================================
title: Local Privilege Escalation via MSI installer
product: SoftMaker Office / FreeOffice
vulnerable version: SoftMaker Office 2024 / NX before revision 1214
FreeOffice 2021 Revision 1068
FreeOffice 2024 before revision 1215…
SEC Consult SA-20240626-0 :: Multiple Vulnerabilities in Siemens Power Automation Products
Read Time:20 Second
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jul 03
SEC Consult Vulnerability Lab Security Advisory < 20240626-0 >
=======================================================================
title: Multiple Vulnerabilities in Power Automation Products
product: Siemens CP-8000/CP-8021/CP8-022/CP-8031/CP-8050/SICORE
vulnerable version: CPC80 < V16.41 / CPCI85 < V5.30 / OPUPI0 < V5.30 / SICORE < V1.3.0 /
CPCX26 < V06.02 for CP-2016…
Novel DoS Vulnerability Affecting WebRTC Media Servers
Read Time:23 Second
Posted by Sandro Gauci via Fulldisclosure on Jul 03
Dear Colleagues,
We have published a new blog post discussing a novel Denial-of-Service (DoS) vulnerability affecting WebRTC media
servers.
## Executive summary (TL;DR)
A critical denial-of-service (DoS) vulnerability has been identified in media servers that process WebRTC’s DTLS-SRTP,
specifically in their handling of ClientHello messages. This vulnerability arises from a race condition between ICE and
DTLS traffic and can be exploited…