ZDI-24-776: (Pwn2Own) Oracle VirtualBox OHCI USB Controller Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code...
DSA-5710-1 chromium – security update
Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. https://security-tracker.debian.org/tracker/DSA-5710-1 Read More
python39-jinja2-epel-3.1.3-1.2.el8
FEDORA-EPEL-2024-f52b6219ca Packages in this update: python39-jinja2-epel-3.1.3-1.2.el8 Update description: Backported fix for CVE-2024-34064 Read More
ghostscript-10.02.1-9.fc40
FEDORA-2024-939eac36ae Packages in this update: ghostscript-10.02.1-9.fc40 Update description: Security fix for CVE-2024-33871 Read More
python-dns-2.6.1-1.fc39
FEDORA-2024-3b4c7849ab Packages in this update: python-dns-2.6.1-1.fc39 Update description: Update to 2.6.1 (rhbz#2263657) Fix for CVE-2023-29483 (rhbz#2274685) Read More
freeipa-4.12.1-1.fc39
FEDORA-2024-1d1b485611 Packages in this update: freeipa-4.12.1-1.fc39 Update description: Fix CVE-2024-2698 and CVE-2024-3183 Read More
freeipa-4.12.1-1.fc40
FEDORA-2024-2a466c6514 Packages in this update: freeipa-4.12.1-1.fc40 Update description: Fix CVE-2024-2698 and CVE-2024-3183 Read More
ZDI-24-670: (0Day) Famatech Advanced IP Scanner Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Famatech Advanced IP Scanner. An attacker must first obtain the ability to execute...
ZDI-24-677: (0Day) Dropbox Desktop Folder Sharing Mark-of-the-Web Bypass Vulnerability
This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of Dropbox Desktop. User interaction is required to exploit this vulnerability...
ZDI-24-676: (0Day) Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability....