Read Time:6 Second
FEDORA-2024-0ba1c1a435
Packages in this update:
yt-dlp-2024.07.02-1.fc40
Update description:
Update to 2024.07.02
Category Archives: Advisories
USN-6877-1: LibreOffice vulnerability
Read Time:10 Second
It was discovered that LibreOffice incorrectly performed TLS certificate
verification when the LibreOfficeKit library is being used by third-party
components. A remote attacker could possibly use this issue to obtain
sensitive information.
python3.6-3.6.15-29.fc39
Read Time:7 Second
FEDORA-2024-7bba7e65d3
Packages in this update:
python3.6-3.6.15-29.fc39
Update description:
Security fix for CVE-2024-4032 (rhbz#2293394)
python3.6-3.6.15-31.fc40
Read Time:7 Second
FEDORA-2024-732aedeb4d
Packages in this update:
python3.6-3.6.15-31.fc40
Update description:
Security fix for CVE-2024-4032 (rhbz#2293394)
python3.6-3.6.15-31.fc41
Read Time:15 Second
FEDORA-2024-8761735ee2
Packages in this update:
python3.6-3.6.15-31.fc41
Update description:
Automatic update for python3.6-3.6.15-31.fc41.
Changelog
* Tue Jul 2 2024 Lumír Balhar <lbalhar@redhat.com> – 3.6.15-31
– Security fix for CVE-2024-4032 (rhbz#2293394)
CyberDanube Security Research 20240703-0 | Authenticated Command Injection in Helmholz Industrial Router REX100
Read Time:14 Second
Posted by Thomas Weber via Fulldisclosure on Jul 03
CyberDanube Security Research 20240703-0
——————————————————————————-
title| Authenticated Command Injection
product| Helmholz Industrial Router REX100
| MBConnectline mbNET.mini
vulnerable version| <= 2.2.11
fixed version| 2.2.13
CVE number| CVE-2024-5672
impact| High
homepage|…
SEC Consult SA-20240627-0 :: Local Privilege Escalation via MSI installer in SoftMaker Office / FreeOffice
Read Time:15 Second
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jul 03
SEC Consult Vulnerability Lab Security Advisory < 20240627-0 >
=======================================================================
title: Local Privilege Escalation via MSI installer
product: SoftMaker Office / FreeOffice
vulnerable version: SoftMaker Office 2024 / NX before revision 1214
FreeOffice 2021 Revision 1068
FreeOffice 2024 before revision 1215…
SEC Consult SA-20240626-0 :: Multiple Vulnerabilities in Siemens Power Automation Products
Read Time:20 Second
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jul 03
SEC Consult Vulnerability Lab Security Advisory < 20240626-0 >
=======================================================================
title: Multiple Vulnerabilities in Power Automation Products
product: Siemens CP-8000/CP-8021/CP8-022/CP-8031/CP-8050/SICORE
vulnerable version: CPC80 < V16.41 / CPCI85 < V5.30 / OPUPI0 < V5.30 / SICORE < V1.3.0 /
CPCX26 < V06.02 for CP-2016…
Novel DoS Vulnerability Affecting WebRTC Media Servers
Read Time:23 Second
Posted by Sandro Gauci via Fulldisclosure on Jul 03
Dear Colleagues,
We have published a new blog post discussing a novel Denial-of-Service (DoS) vulnerability affecting WebRTC media
servers.
## Executive summary (TL;DR)
A critical denial-of-service (DoS) vulnerability has been identified in media servers that process WebRTC’s DTLS-SRTP,
specifically in their handling of ClientHello messages. This vulnerability arises from a race condition between ICE and
DTLS traffic and can be exploited…
APPLE-SA-06-25-2024-1 AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8
Read Time:23 Second
Posted by Apple Product Security via Fulldisclosure on Jul 03
APPLE-SA-06-25-2024-1 AirPods Firmware Update 6A326, AirPods
Firmware Update 6F8, and Beats Firmware Update 6F8
AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and
Beats Firmware Update 6F8 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214111.
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates…