SEC Consult SA-20240522-0 :: Broken access control & API Information Exposure in 4BRO App
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 23. SEC Consult Vulnerability Lab Security Advisory < 20240522-0 > title: Broken access control...
[CFP] Security BSides Ljubljana 0x7E8 | September 27, 2024
Posted by Andraz Sraka on May 23
A Vulnerability in GitHub Enterprise Server (GHES) Could Allow for Authentication Bypass
A vulnerability has been discovered in GitHub Enterprise Server (GHES), which could allow for authentication bypass. GHES is a popular platform for software developers. Organizations...
USN-6785-1: GNOME Remote Desktop vulnerability
Matthias Gerstner discovered that GNOME Remote Desktop incorrectly performed certain user validation checks. A local attacker could possibly use this issue to obtain sensitive information,...
USN-6784-1: cJSON vulnerabilities
It was discovered that cJSON incorrectly handled certain input. An attacker could possibly use this issue to cause cJSON to crash, resulting in a denial...
chromium-125.0.6422.76-1.el7
FEDORA-EPEL-2024-46d6266ef3 Packages in this update: chromium-125.0.6422.76-1.el7 Update description: update to 125.0.6422.76 High CVE-2024-5157: Use after free in Scheduling High CVE-2024-5158: Type Confusion in V8 High...
chromium-125.0.6422.76-1.el8
FEDORA-EPEL-2024-1a95b76e46 Packages in this update: chromium-125.0.6422.76-1.el8 Update description: update to 125.0.6422.76 High CVE-2024-5157: Use after free in Scheduling High CVE-2024-5158: Type Confusion in V8 High...
chromium-125.0.6422.76-1.el9
FEDORA-EPEL-2024-3184c14a07 Packages in this update: chromium-125.0.6422.76-1.el9 Update description: update to 125.0.6422.76 High CVE-2024-5157: Use after free in Scheduling High CVE-2024-5158: Type Confusion in V8 High...
USN-6777-4: Linux kernel (HWE) vulnerabilities
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use-after-free...
python3.6-3.6.15-28.fc39
FEDORA-2024-18b9c9b9cf Packages in this update: python3.6-3.6.15-28.fc39 Update description: Security fix for CVE-2024-0450 and CVE-2023-6597