ZDI-24-864: (Pwn2Own) Phoenix Contact CHARX SEC-3100 OCPP Protocol UpdateFirmware Command Injection Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this...
ZDI-24-863: (Pwn2Own) Phoenix Contact CHARX SEC-3100 plctool Improper Privilege Management Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Phoenix Contact CHARX SEC-3100 devices. An attacker must first obtain the ability to...
ZDI-24-862: (Pwn2Own) Phoenix Contact CHARX SEC-3100 MQTT Protocol JSON Parsing Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this...
kitty-0.31.0-3.fc39
FEDORA-2024-c7b79bc227 Packages in this update: kitty-0.31.0-3.fc39 Update description: rebuild for rhbz#2292712 Read More
python-requests-2.32.3-1.fc41
FEDORA-2024-b5c6704062 Packages in this update: python-requests-2.32.3-1.fc41 Update description: Automatic update for python-requests-2.32.3-1.fc41. Changelog * Wed Jun 19 2024 LumÃr Balhar <lbalhar@redhat.com> - 2.32.3-1 - Update...
USN-6842-1: gdb vulnerabilities
It was discovered that gdb incorrectly handled certain memory operations when parsing an ELF file. An attacker could possibly use this issue to cause a...
chromium-126.0.6478.114-1.fc39
FEDORA-2024-dd14eefb0e Packages in this update: chromium-126.0.6478.114-1.fc39 Update description: update to 126.0.6478.114 High CVE-2024-6100: Type Confusion in V8 High CVE-2024-6101: Inappropriate implementation in WebAssembly High CVE-2024-6102:...
chromium-126.0.6478.114-1.fc40
FEDORA-2024-d2b54d5a9d Packages in this update: chromium-126.0.6478.114-1.fc40 Update description: update to 126.0.6478.114 High CVE-2024-6100: Type Confusion in V8 High CVE-2024-6101: Inappropriate implementation in WebAssembly High CVE-2024-6102:...
ZDI-24-820: Windscribe Directory Traversal Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged code on...
ZDI-24-819: VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged...