It was discovered that Wget incorrectly handled semicolons in the userinfo
subcomponent of a URI. A remote attacker could possibly trick a user into
connecting to a different host than expected.
Category Archives: Advisories
USN-6843-1: Plasma Workspace vulnerability
Fabian Vogt discovered that Plasma Workspace incorrectly handled
connections via ICE. A local attacker could possibly use this issue to
gain access to another user’s session manager and execute arbitrary code.
python-waitress-1.4.3-2.el8
FEDORA-EPEL-2024-5f44a7efc2
Packages in this update:
python-waitress-1.4.3-2.el8
Update description:
Backport upstream fix for CVE-2022-24761.
ZDI-24-883: Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.1. The following CVEs are assigned: CVE-2024-5762.
USN-6850-1: OpenVPN vulnerability
It was discovered that OpenVPN incorrectly handled certain configurations
with multiple authentication plugins. A remote attacker could possibly use
this issue to bypass authentication using incomplete credentials.
DSA-5722-1 libvpx – security update
It was discovered that multiple integer overflows in libvpx, a
multimedia library for the VP8 and VP9 video codecs, may result in
denial of service and potentially the execution of arbitrary code.
DSA-5721-1 ffmpeg – security update
Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.
oci-cli-3.43.2-1.fc41 python-oci-2.128.2-1.fc41
FEDORA-2024-13270a731d
Packages in this update:
oci-cli-3.43.2-1.fc41
python-oci-2.128.2-1.fc41
Update description:
Update oci-cli to 3.43.2
chromium-126.0.6478.126-1.fc40
FEDORA-2024-0c02698648
Packages in this update:
chromium-126.0.6478.126-1.fc40
Update description:
update to 126.0.6478.126
High CVE-2024-6290: Use after free in Dawn
High CVE-2024-6291: Use after free in Swiftshader
High CVE-2024-6292: Use after free in Dawn
High CVE-2024-6293: Use after free in Dawn
chromium-126.0.6478.126-1.fc39
FEDORA-2024-508d03d0c7
Packages in this update:
chromium-126.0.6478.126-1.fc39
Update description:
update to 126.0.6478.126
High CVE-2024-6290: Use after free in Dawn
High CVE-2024-6291: Use after free in Swiftshader
High CVE-2024-6292: Use after free in Dawn
High CVE-2024-6293: Use after free in Dawn