DSA-5828-1 python-aiohttp – security update
Multiple security vulnerabilities were discovered in python-aiohttp, a HTTP client/server for asyncio, which could result in denial of service, directory traversal, CRLF injection or request...
Critical Patches Issued for Microsoft Products, December 10, 2024
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on...
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe...
USN-7148-1: Linux kernel vulnerabilities
Lyu Tao discovered that the NFS implementation in the Linux kernel did not properly handle requests to open a directory on a regular file. A...
USN-7147-1: Apache Shiro vulnerabilities
It was discovered that Apache Shiro incorrectly handled path traversal when used with other web frameworks or path rewriting. An attacker could possibly use this...
gh-2.63.2-1.fc42
FEDORA-2024-378ed6dffe Packages in this update: gh-2.63.2-1.fc42 Update description: Automatic update for gh-2.63.2-1.fc42. Changelog * Tue Dec 10 2024 Mikel Olasagasti Uranga <mikel@olasagasti.info> - 2.63.2-1 -...
python3.13-3.13.1-2.fc42
FEDORA-2024-0c29724c11 Packages in this update: python3.13-3.13.1-2.fc42 Update description: Automatic update for python3.13-3.13.1-2.fc42. Changelog * Mon Dec 9 2024 Miro HronĨok <mhroncok@redhat.com> - 3.13.1-2 - Security...
USN-7146-1: Dogtag PKI vulnerabilities
Christina Fu discovered that Dogtag PKI accidentally enabled a mock authentication plugin by default. An attacker could potentially use this flaw to bypass the regular...
ZDI-24-1655: Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability...
ZDI-24-1654: Rockwell Automation Arena Simulation DOE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Rockwell Automation Arena Simulation. User interaction is required to exploit this vulnerability...