Post Content
Category Archives: Advisories
FreeBSD-EN-24:10.zfs
moodle-4.3.5-1.fc40
FEDORA-2024-020937763e
Packages in this update:
moodle-4.3.5-1.fc40
Update description:
Fix for multiple CVEs
moodle-4.3.5-1.fc39
FEDORA-2024-9df8ef935b
Packages in this update:
moodle-4.3.5-1.fc39
Update description:
Fix for multiple CVEs
kitty-0.35.1-4.fc41
FEDORA-2024-d2ec3e14a7
Packages in this update:
kitty-0.35.1-4.fc41
Update description:
Automatic update for kitty-0.35.1-4.fc41.
Changelog
* Mon Jun 17 2024 Pavel Solovev <daron439@gmail.com> – 0.35.1-4
– rebuild for rhbz#2292712
Multiple Vulnerabilities in VMware Products Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in VMware vCenter Server and Cloud Foundation, the most severe of which could allow for remote code execution. VMware vCenter Server is the centralized management utility for VMware. VMware Cloud Foundation is a multi-cloud platform that provides a full-stack hyperconverged infrastructure (HCI) that is made for modernizing data centers and deploying modern container-based applications. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the administrator account. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
ghostscript-10.02.1-4.fc39
FEDORA-2024-a2d4821fe1
Packages in this update:
ghostscript-10.02.1-4.fc39
Update description:
Fix for issues in gating
Security fix for CVE-2024-33871
openssl3-3.2.2-2.1.el8
FEDORA-EPEL-2024-c58045d54f
Packages in this update:
openssl3-3.2.2-2.1.el8
Update description:
Security fix for CVE-2024-4741 openssl3: openssl: Use After Free with SSL_free_buffers
ZDI-24-793: (0Day) Autodesk AutoCAD 3DM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-23151.
ZDI-24-792: (0Day) Autodesk AutoCAD PRT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-23150.