Category Archives: Advisories

libxmp-4.6.1-2.fc41

FEDORA-2025-23e4aeeb91

Packages in this update:

libxmp-4.6.1-2.fc41

Update description:

Latest upstream release. Changelog:

Fixes:

CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbis_deinit()
CVE-2023-45680: Null pointer dereference in vorbis_deinit()
CVE-2023-45681: Out of bounds heap buffer write
CVE-2023-45676: Multi-byte write heap buffer overflow in start_decoder()
CVE-2023-45677: Heap buffer out of bounds write in start_decoder()
CVE-2023-45682: Wild address read in vorbis_decode_packet_rest()

libxmp-4.6.1-2.fc40

FEDORA-2025-c58133e520

Packages in this update:

libxmp-4.6.1-2.fc40

Update description:

Latest upstream release. Changelog:

Fixes:

CVE-2023-45679: Attempt to free an uninitialized memory pointer in vorbis_deinit()
CVE-2023-45680: Null pointer dereference in vorbis_deinit()
CVE-2023-45681: Out of bounds heap buffer write
CVE-2023-45676: Multi-byte write heap buffer overflow in start_decoder()
CVE-2023-45677: Heap buffer out of bounds write in start_decoder()
CVE-2023-45682: Wild address read in vorbis_decode_packet_rest()

xmlrpc-c-1.60.04-2.fc42

FEDORA-2025-a835dd04a0

Packages in this update:

xmlrpc-c-1.60.04-2.fc42

Update description:

Automatic update for xmlrpc-c-1.60.04-2.fc42.

Changelog

* Thu Jan 2 2025 Jonathan Wright <jonathan@almalinux.org> – 1.60.4-2
– Use global macro to override make smp_flags
* Thu Jan 2 2025 Jonathan Wright <jonathan@almalinux.org> – 1.60.4-1
– update to 1.60.4 rhbz#2334236
– re-enable builds against libxml2, no more bundled libexpat
– fixes rhbz#2310136
– fixes rhbz#2310146
– fixes rhbz#2310152
* Wed Sep 4 2024 Miroslav Suchý <msuchy@redhat.com> – 1.59.03-3
– convert license to SPDX

Automatic update for xmlrpc-c-1.60.04-1.fc42.

xmlrpc-c-1.60.04-1.fc42

FEDORA-2025-482675dee5

Packages in this update:

xmlrpc-c-1.60.04-1.fc42

Update description:

Automatic update for xmlrpc-c-1.60.04-1.fc42.

Changelog

* Thu Jan 2 2025 Jonathan Wright <jonathan@almalinux.org> – 1.60.4-1
– update to 1.60.4 rhbz#2334236
– re-enable builds against libxml2, no more bundled libexpat
– fixes rhbz#2310136
– fixes rhbz#2310146
– fixes rhbz#2310152
* Wed Sep 4 2024 Miroslav Suchý <msuchy@redhat.com> – 1.59.03-3
– convert license to SPDX

Multiple vulnerabilities in CTFd versions <= 3.7.4

Posted by Blazej Adamczyk on Dec 30

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Multiple vulnerabilities in CTFd versions <= 3.7.4
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

1 General information
═════════════════════…

IBMi Navigator / CVE-2024-51464 / HTTP Security Token Bypass

Posted by hyp3rlinx on Dec 30

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: https://hyp3rlinx.altervista.org/advisories/IBMi_Navigator_HTTP_Security_Token_Bypass-CVE-2024-51464.txt
[+] x.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]
www.ibm.com

[Product]
Navigator for i is a Web console interface where you can perform the
key tasks to administer your IBM i.
IBM Navigator for i supports the vast majority of tasks that were…

IBMi Navigator / CVE-2024-51463 / Server Side Request Forgery (SSRF)

Posted by hyp3rlinx on Dec 30

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: https://hyp3rlinx.altervista.org/advisories/IBMi_Navigator_Server_Side_Request_Forgery_CVE-2024-51463.txt
[+] x.com/hyp3rlinx
[+] ISR: ApparitionSec

[Vendor]
www.ibm.com

[Product]
Navigator for i is a Web console interface where you can perform the
key tasks to administer your IBM i.
IBM Navigator for i supports the vast majority of tasks that…
