USN-6826-1: mod_jk vulnerability
Karl von Randow discovered that mod_jk was vulnerable to an authentication bypass. If the configuration did not provide explicit mounts for all possible proxied requests,...
USN-6823-1: MySQL vulnerabilities
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.37...
USN-6817-2: Linux kernel (OEM) vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A...
composer-2.7.7-1.el9
FEDORA-EPEL-2024-01755f0acd Packages in this update: composer-2.7.7-1.el9 Update description: Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name (GHSA-47f6-5gq3-vx9c / CVE-2024-35241) Security: Fixed...
composer-2.7.7-1.fc40
FEDORA-2024-9ed24c98cd Packages in this update: composer-2.7.7-1.fc40 Update description: Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name (GHSA-47f6-5gq3-vx9c / CVE-2024-35241) Security: Fixed...
composer-2.7.7-1.fc39
FEDORA-2024-bb55f8476a Packages in this update: composer-2.7.7-1.fc39 Update description: Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name (GHSA-47f6-5gq3-vx9c / CVE-2024-35241) Security: Fixed...
ZDI-24-598: (0Day) Microsoft Windows Incorrect Permission Assignment Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information or to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first...
ZDI-24-599: Adobe Substance 3D Stager SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Substance 3D Stager. User interaction is required to exploit this vulnerability...
ZDI-24-600: Schneider Electric APC Easy UPS Online startRun Exposed Dangerous Method Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit...
USN-6827-1: LibTIFF vulnerability
It was discovered that LibTIFF incorrectly handled memory when performing certain cropping operations, leading to a heap buffer overflow. An attacker could use this issue...