ZDI-24-520: (Pwn2Own) Phoenix Contact CHARX SEC-3100 Missing Encryption Authentication Bypass Vulnerability
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Phoenix Contact CHARX SEC-3100 devices. Authentication is not required to exploit this vulnerability....
ZDI-24-519: (Pwn2Own) Phoenix Contact CHARX SEC-3100 Untrusted Search Path Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Phoenix Contact CHARX SEC-3100 devices. An attacker must first obtain the ability to...
USN-6779-2: Firefox regressions
USN-6779-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Original advisory details: Multiple security issues were discovered in...
DSA-5700-1 python-pymysql – security update
An SQL injection was discovered in pymysql, a pure Python MySQL driver. https://security-tracker.debian.org/tracker/DSA-5700-1
apptainer-1.3.2-1.fc39
FEDORA-2024-f4a65623e7 Packages in this update: apptainer-1.3.2-1.fc39 Update description: Update to upstream 1.3.2, including fix for CVE-2024-3727
apptainer-1.3.2-1.el7
FEDORA-EPEL-2024-fd5dac4a76 Packages in this update: apptainer-1.3.2-1.el7 Update description: Update to upstream 1.3.2, including fix for CVE-2024-3727
apptainer-1.3.2-1.el8
FEDORA-EPEL-2024-2235745ae4 Packages in this update: apptainer-1.3.2-1.el8 Update description: Update to upstream 1.3.2, including fix for CVE-2024-3727
apptainer-1.3.2-1.el9
FEDORA-EPEL-2024-c0faba087e Packages in this update: apptainer-1.3.2-1.el9 Update description: Update to upstream 1.3.2, including fix for CVE-2024-3727
apptainer-1.3.2-1.fc40
FEDORA-2024-500c653b4c Packages in this update: apptainer-1.3.2-1.fc40 Update description: Update to upstream 1.3.2, including fix for CVE-2024-3727
USN-6795-1: Linux kernel (Intel IoTG) vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free...