Read Time:7 Second
FEDORA-2024-123f2b3666
Packages in this update:
cyrus-imapd-3.8.3-1.fc39
Update description:
Security fix for CVE-2024-34055
Category Archives: Advisories
cyrus-imapd-3.8.3-1.fc40
Read Time:7 Second
FEDORA-2024-f3e0255c75
Packages in this update:
cyrus-imapd-3.8.3-1.fc40
Update description:
Security fix for CVE-2024-34055
cyrus-imapd-3.8.3-1.fc41
Read Time:16 Second
FEDORA-2024-cfbdc342a2
Packages in this update:
cyrus-imapd-3.8.3-1.fc41
Update description:
Automatic update for cyrus-imapd-3.8.3-1.fc41.
Changelog
* Wed Jun 5 2024 Martin Osvald <mosvald@redhat.com> – 3.8.3-1
– Fix CVE-2024-34055 (rhbz#2290512)
– Convert to %autorelease and %autochangelog
USN-6806-1: GDK-PixBuf vulnerability
Read Time:13 Second
Pedro Ribeiro and Vitor Pedreira discovered that the GDK-PixBuf
library did not properly handle certain ANI files. An attacker
could use this flaw to cause GDK-PixBuf to crash, resulting in
a denial of service, or to possibly execute arbitrary code.
USN-6715-2: unixODBC vulnerability
Read Time:14 Second
USN-6715-1 fixed a vulnerability in unixODBC. This update provides the
corresponding fix for Ubuntu 24.04 LTS.
Original advisory details:
It was discovered that unixODBC incorrectly handled certain bytes.
An attacker could use this issue to execute arbitrary code or cause
a crash.
libvirt-10.1.0-2.fc40
Read Time:10 Second
FEDORA-2024-ee96e0c470
Packages in this update:
libvirt-10.1.0-2.fc40
Update description:
Fix crash in event loop (CVE-2024-4418)
Fix leak of GSource object
Fix leak of udev object reference
ZDI-24-566: Luxion KeyShot Viewer KSP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:15 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8.
ZDI-24-565: Luxion KeyShot Viewer KSP File Parsing Use-After-Free Remote Code Execution Vulnerability
Read Time:15 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8.
ZDI-24-564: Fuji Electric Monitouch V-SFT V9 File Parsing Type Confusion Remote Code Execution Vulnerability
Read Time:18 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Monitouch V-SFT. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-5597.
ZDI-24-567: GStreamer AV1 Video Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
Read Time:15 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-0444.