Read Time:9 Second
Security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.
Category Archives: Advisories
python39-jinja2-epel-3.1.3-1.2.el8
Read Time:8 Second
FEDORA-EPEL-2024-f52b6219ca
Packages in this update:
python39-jinja2-epel-3.1.3-1.2.el8
Update description:
Backported fix for CVE-2024-34064
ghostscript-10.02.1-9.fc40
Read Time:6 Second
FEDORA-2024-939eac36ae
Packages in this update:
ghostscript-10.02.1-9.fc40
Update description:
Security fix for CVE-2024-33871
python-dns-2.6.1-1.fc39
Read Time:9 Second
FEDORA-2024-3b4c7849ab
Packages in this update:
python-dns-2.6.1-1.fc39
Update description:
Update to 2.6.1 (rhbz#2263657)
Fix for CVE-2023-29483 (rhbz#2274685)
freeipa-4.12.1-1.fc39
Read Time:7 Second
FEDORA-2024-1d1b485611
Packages in this update:
freeipa-4.12.1-1.fc39
Update description:
Fix CVE-2024-2698 and CVE-2024-3183
freeipa-4.12.1-1.fc40
Read Time:7 Second
FEDORA-2024-2a466c6514
Packages in this update:
freeipa-4.12.1-1.fc40
Update description:
Fix CVE-2024-2698 and CVE-2024-3183
ZDI-24-670: (0Day) Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
Read Time:15 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Famatech Advanced IP Scanner. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.3.
ZDI-24-677: (0Day) Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability
Read Time:18 Second
This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-5924.
ZDI-24-676: (0Day) Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability
Read Time:13 Second
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.3. The following CVEs are assigned: CVE-2024-5952.
ZDI-24-675: (0Day) Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability
Read Time:13 Second
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.1. The following CVEs are assigned: CVE-2024-5951.