Two vulnerabilities have been discovered in Composer, a dependency
manager for PHP, which could result in arbitrary command execution by
operating on malicious git/hg repositories.
Category Archives: Advisories
kitty-0.35.1-4.fc40
FEDORA-2024-15039ba9f9
Packages in this update:
kitty-0.35.1-4.fc40
Update description:
rebuild for rhbz#2292712
Business Logic Flaw and Username Enumeration in spa-cartcmsv1.9.0.6
Posted by Andrey Stoykov on Jun 15
# Exploit Title: Business Logic Flaw and Username Enumeration in
spa-cartcmsv1.9.0.6
# Date: 6/2024
# Exploit Author: Andrey Stoykov
# Version: 1.9.0.6
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/04/friday-fun-pentest-series-5-spa.html
<http://msecureltd.blogspot.com/>
Description
– It was found that the application suffers from business logic flaw
– Additionally the application is vulnerable to username…
DSA-5713-1 libndp – security update
A buffer overflow was discovered in libndp, a library implementing the
IPv6 Neighbor Discovery Protocol (NDP), which could result in denial of
service or potentially the execution of arbitrary code if malformed
IPv6 router advertisements are processed.
python-PyMySQL-1.1.1-1.fc40
FEDORA-2024-b26f07d27b
Packages in this update:
python-PyMySQL-1.1.1-1.fc40
Update description:
Update to 1.1.1 to fix CVE CVE-2024-36039
python-PyMySQL-1.1.1-1.fc39
FEDORA-2024-e7141ab284
Packages in this update:
python-PyMySQL-1.1.1-1.fc39
Update description:
Update to 1.1.1 to fix CVE CVE-2024-36039
DSA-5711-1 thunderbird – security update
Multiple security issues were discovered in Thunderbird, which could
result inthe execution of arbitrary code.
DSA-5712-1 ffmpeg – security update
Several vulnerabilities have been discovered in the FFmpeg multimedia
framework, which could result in denial of service or potentially the
execution of arbitrary code if malformed files/streams are processed.
thunderbird-115.12.0-2.fc39
FEDORA-2024-25da59ef4e
Packages in this update:
thunderbird-115.12.0-2.fc39
Update description:
Update to 115.12.0
https://www.mozilla.org/en-US/security/advisories/mfsa2024-28/
https://www.thunderbird.net/en-US/thunderbird/115.12.0/releasenotes/
thunderbird-115.12.0-2.fc40
FEDORA-2024-748bedc96c
Packages in this update:
thunderbird-115.12.0-2.fc40
Update description:
Update to 115.12.0
https://www.mozilla.org/en-US/security/advisories/mfsa2024-28/
https://www.thunderbird.net/en-US/thunderbird/115.12.0/releasenotes/