USN-6851-1: Netplan vulnerabilities
Andreas Hasenack discovered that netplan incorrectly handled the permissions for netdev files containing wireguard configuration. An attacker could use this to obtain wireguard secret keys....
USN-6819-4: Linux kernel (Oracle) vulnerabilities
Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability....
USN-6853-1: Ruby vulnerability
It was discovered that Ruby incorrectly handled the ungetbyte and ungetc methods. A remote attacker could use this issue to cause Ruby to crash, resulting...
USN-6852-1: Wget vulnerability
It was discovered that Wget incorrectly handled semicolons in the userinfo subcomponent of a URI. A remote attacker could possibly trick a user into connecting...
USN-6843-1: Plasma Workspace vulnerability
Fabian Vogt discovered that Plasma Workspace incorrectly handled connections via ICE. A local attacker could possibly use this issue to gain access to another user's...
python-waitress-1.4.3-2.el8
FEDORA-EPEL-2024-5f44a7efc2 Packages in this update: python-waitress-1.4.3-2.el8 Update description: Backport upstream fix for CVE-2022-24761. https://github.com/advisories/GHSA-4f7p-27jc-3c36 Read More
ZDI-24-883: Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability. The ZDI...
USN-6850-1: OpenVPN vulnerability
It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using...
DSA-5722-1 libvpx – security update
It was discovered that multiple integer overflows in libvpx, a multimedia library for the VP8 and VP9 video codecs, may result in denial of service...
DSA-5721-1 ffmpeg – security update
Several vulnerabilities have been discovered in the FFmpeg multimedia framework, which could result in denial of service or potentially the execution of arbitrary code if...