This vulnerability allows local attackers to escalate privileges on affected installations of Windscribe. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-6141.
Category Archives: Advisories
ZDI-24-819: VIPRE Advanced Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-5930.
ZDI-24-818: VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-5929.
ZDI-24-817: VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-5928.
ZDI-24-816: Microsoft Windows Menu DC Bitmap Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-30082.
ZDI-24-821: Linux Kernel TIPC Message Reassembly Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is not required to exploit this vulnerability, but only systems with TIPC bearer enabled are vulnerable. The ZDI has assigned a CVSS rating of 9.0. The following CVEs are assigned: CVE-2024-36886.
DSA-5717-1 php8.2 – security update
It was discovered that user validation was incorrectly implemented
for filter_var(FILTER_VALIDATE_URL).
chromium-126.0.6478.114-1.el7
FEDORA-EPEL-2024-40073a5fd9
Packages in this update:
chromium-126.0.6478.114-1.el7
Update description:
update to 126.0.6478.114
High CVE-2024-6100: Type Confusion in V8
High CVE-2024-6101: Inappropriate implementation in WebAssembly
High CVE-2024-6102: Out of bounds memory access in Dawn
High CVE-2024-6103: Use after free in Dawn
chromium-126.0.6478.114-1.el8
FEDORA-EPEL-2024-6b799a502a
Packages in this update:
chromium-126.0.6478.114-1.el8
Update description:
update to 126.0.6478.114
High CVE-2024-6100: Type Confusion in V8
High CVE-2024-6101: Inappropriate implementation in WebAssembly
High CVE-2024-6102: Out of bounds memory access in Dawn
High CVE-2024-6103: Use after free in Dawn
chromium-126.0.6478.114-1.el9
FEDORA-EPEL-2024-32c5029d69
Packages in this update:
chromium-126.0.6478.114-1.el9
Update description:
update to 126.0.6478.114
High CVE-2024-6100: Type Confusion in V8
High CVE-2024-6101: Inappropriate implementation in WebAssembly
High CVE-2024-6102: Out of bounds memory access in Dawn
High CVE-2024-6103: Use after free in Dawn