It was discovered that Ruby incorrectly handled the ungetbyte and ungetc
methods. A remote attacker could use this issue to cause Ruby to crash,
resulting in a denial of service, or possibly obtain sensitive information.
It was discovered that Wget incorrectly handled semicolons in the userinfo
subcomponent of a URI. A remote attacker could possibly trick a user into
connecting to a different host than expected.
Fabian Vogt discovered that Plasma Workspace incorrectly handled
connections via ICE. A local attacker could possibly use this issue to
gain access to another user’s session manager and execute arbitrary code.
python-waitress-1.4.3-2.el8
Backport upstream fix for CVE-2022-24761.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.1. The following CVEs are assigned: CVE-2024-5762.
It was discovered that OpenVPN incorrectly handled certain configurations
with multiple authentication plugins. A remote attacker could possibly use
this issue to bypass authentication using incomplete credentials.
It was discovered that multiple integer overflows in libvpx, a
multimedia library for the VP8 and VP9 video codecs, may result in
denial of service and potentially the execution of arbitrary code.
Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.
oci-cli-3.43.2-1.fc41
python-oci-2.128.2-1.fc41
Update oci-cli to 3.43.2
chromium-126.0.6478.126-1.fc40
update to 126.0.6478.126
High CVE-2024-6290: Use after free in Dawn
High CVE-2024-6291: Use after free in Swiftshader
High CVE-2024-6292: Use after free in Dawn
High CVE-2024-6293: Use after free in Dawn
