Read Time:9 Second
FEDORA-2025-5d61874568
Packages in this update:
perl-String-Compare-ConstantTime-0.321-21.fc41
Update description:
This release fixes CVE-2024-13939 (leaking the length of a secret string)
Category Archives: Advisories
perl-String-Compare-ConstantTime-0.321-22.fc42
Read Time:9 Second
FEDORA-2025-ce51c124a5
Packages in this update:
perl-String-Compare-ConstantTime-0.321-22.fc42
Update description:
This release fixes CVE-2024-13939 (leaking the length of a secret string)
uboot-tools-2025.04-1.fc42
Read Time:8 Second
FEDORA-2025-a3561bfc13
Packages in this update:
uboot-tools-2025.04-1.fc42
Update description:
Update to 2025.04 GA
Update to 2025.04 RC5
ZDI-25-242: MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:13 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2025-3484.
ZDI-25-216: (Pwn2Own) Synology TC500 ONVIF Heap-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:13 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology TC500 cameras. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-11131.
ZDI-25-243: MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:13 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2025-3483.
ZDI-25-244: MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:13 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2025-3482.
ZDI-25-245: MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:13 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of MedDream PACS Server. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2025-3481.
ZDI-25-246: MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability
Read Time:13 Second
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of MedDream WEB DICOM Viewer. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.3. The following CVEs are assigned: CVE-2025-3480.
ZDI-25-207: (Pwn2Own) Synology BeeStation BST150-4T Command Injection Remote Code Execution Vulnerability
Read Time:14 Second
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology BeeStation BST150-4T devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-10443.