Read Time:9 Second
FEDORA-2025-4871b31998
Packages in this update:
perl-Compress-Raw-Lzma-2.209-9.fc40
xz-5.8.1-1.1.fc40
Update description:
xz 5.8.1
Category Archives: Advisories
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Read Time:36 Second
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.
Mozilla Firefox is a web browser used to access the Internet.Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations.Mozilla Thunderbird is an email client.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
A Vulnerability in Ivanti Products Could Allow for Remote Code Execution
Read Time:46 Second
A Vulnerability has been discovered in Ivanti Connect Secure, Policy Secure, and ZTA Gateways which could allow for remote code execution.
Ivanti Connect Secure (formerly Pulse Connect Secure) is a widely deployed SSL VPN solution that provides secure and controlled access to corporate data and applications for remote and mobile users, offering features like single sign-on, multi-factor authentication, and integration with various security frameworks.Ivanti Policy Secure (IPS) is a Network Access Control (NAC) solution that provides network access only to authorized and secured users and devices, offering comprehensive NAC management, visibility, and monitoring to protect networks and sensitive data.Ivanti Neurons for Zero Trust Access (ZTA) Gateway is a component of Ivanti’s zero-trust network access solution
Successful exploitation could allow for remote code execution in the context of the system. Depending on the privileges associated with the system, an attacker could then install programs; view, change, or delete data.
xz-5.8.1-1.fc40
Read Time:6 Second
FEDORA-2025-258ab1c008
Packages in this update:
xz-5.8.1-1.fc40
Update description:
New upstream version 5.8.1
xz-5.8.1-1.fc41
Read Time:6 Second
FEDORA-2025-fec4b37bc7
Packages in this update:
xz-5.8.1-1.fc41
Update description:
New upstream version 5.8.1
xz-5.8.1-1.fc42
Read Time:6 Second
FEDORA-2025-76264ecf04
Packages in this update:
xz-5.8.1-1.fc42
Update description:
New upstream version 5.8.1
USN-7414-1: XZ Utils vulnerability
Read Time:15 Second
Harri K. Koskinen discovered that XZ Utils incorrectly handled the threaded
xz decoder. If a user or automated system were tricked into processing an
xz file, a remote attacker could use this issue to cause XZ Utils to crash,
resulting in a denial of service, or possibly execute arbitrary code.
chromium-135.0.7049.52-2.fc40
Read Time:30 Second
FEDORA-2025-609ed3aaa7
Packages in this update:
chromium-135.0.7049.52-2.fc40
Update description:
Update to 135.0.7049.52
High CVE-2025-3066: Use after free in Navigations
Medium CVE-2025-3067: Inappropriate implementation in Custom Tabs
Medium CVE-2025-3068: Inappropriate implementation in Intents
Medium CVE-2025-3069: Inappropriate implementation in Extensions
Medium CVE-2025-3070: Insufficient validation of untrusted input in Extensions
Low CVE-2025-3071: Inappropriate implementation in Navigations
Low CVE-2025-3072: Inappropriate implementation in Custom Tabs
Low CVE-2025-3073: Inappropriate implementation in Autofill
Low CVE-2025-3074: Inappropriate implementation in Downloads
chromium-135.0.7049.52-1.fc41
Read Time:30 Second
FEDORA-2025-98dd4c4639
Packages in this update:
chromium-135.0.7049.52-1.fc41
Update description:
Update to 135.0.7049.52
High CVE-2025-3066: Use after free in Navigations
Medium CVE-2025-3067: Inappropriate implementation in Custom Tabs
Medium CVE-2025-3068: Inappropriate implementation in Intents
Medium CVE-2025-3069: Inappropriate implementation in Extensions
Medium CVE-2025-3070: Insufficient validation of untrusted input in Extensions
Low CVE-2025-3071: Inappropriate implementation in Navigations
Low CVE-2025-3072: Inappropriate implementation in Custom Tabs
Low CVE-2025-3073: Inappropriate implementation in Autofill
Low CVE-2025-3074: Inappropriate implementation in Downloads
chromium-135.0.7049.52-2.el9
Read Time:30 Second
FEDORA-EPEL-2025-eb7e3d90f5
Packages in this update:
chromium-135.0.7049.52-2.el9
Update description:
Update to 135.0.7049.52
High CVE-2025-3066: Use after free in Navigations
Medium CVE-2025-3067: Inappropriate implementation in Custom Tabs
Medium CVE-2025-3068: Inappropriate implementation in Intents
Medium CVE-2025-3069: Inappropriate implementation in Extensions
Medium CVE-2025-3070: Insufficient validation of untrusted input in Extensions
Low CVE-2025-3071: Inappropriate implementation in Navigations
Low CVE-2025-3072: Inappropriate implementation in Custom Tabs
Low CVE-2025-3073: Inappropriate implementation in Autofill
Low CVE-2025-3074: Inappropriate implementation in Downloads