This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face Transformers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-11392.
This vulnerability allows local attackers to escalate privileges on affected installations of McAfee Total Protection. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.7. The following CVEs are assigned: CVE-2024-49592.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Deep Security Agent. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-51503.
python-aiohttp-3.9.5-2.fc40
Security fix for CVE-2024-52304
python-aiohttp-3.10.5-3.fc41
Security fix for CVE-2024-52304
libsndfile-1.2.2-5.fc41
fix crash in in ogg vorbis (#2322326) (CVE-2024-50612)
Multiple vulnerabilities have been discovered in Palo Alto PAN-OS, the most severe of which could allow for authentication bypass. PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls. Successful exploitation could allow for authentication bypass with administrator privileges. An attacker could then install programs; view, change, or delete data.
libsndfile-1.2.2-5.fc42
Automatic update for libsndfile-1.2.2-5.fc42.
* Mon Nov 18 2024 Michal Hlavinka <mhlavink@redhat.com> – 1.2.2-5
– fix crash in in ogg vorbis (rhbz#2322326) (CVE-2024-50612)
libsndfile-1.2.2-4.fc40
fix crash in in ogg vorbis (rhbz#2322326) (CVE-2024-50612)
It was discovered that Glib incorrectly handled certain trailing
characters. An attacker could possibly use this issue to cause
a crash or other undefined behavior.
