Post Content
Category Archives: Advisories
GLSA 202412-04: Mozilla Firefox: Multiple Vulnerabilities
GLSA 202412-11: OATH Toolkit: Privilege Escalation
GLSA 202412-10: Dnsmasq: Multiple Vulnerabilities
GLSA 202412-09: Salt: Multiple Vulnerabilities
GLSA 202412-08: icinga2: Multiple Vulnerabilities
GLSA 202412-07: OpenJDK: Multiple Vulnerabilities
pytest-8.3.4-1.fc41
Read Time:6 Second
FEDORA-2024-b747462264
Packages in this update:
pytest-8.3.4-1.fc41
Update description:
Update to pytest 8.3.4
ZDI-24-1645: Progress Software WhatsUp Gold WriteDataFile Directory Traversal Remote Code Execution Vulnerability
Read Time:13 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software WhatsUp Gold. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 9.8. The following CVEs are assigned: CVE-2024-46909.
ZDI-24-1644: (Pwn2Own) iXsystems TrueNAS fetch_plugin_packagesites tar Cleartext Transmission of Sensitive Information Vulnerability
Read Time:14 Second
This vulnerability allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 3.1. The following CVEs are assigned: CVE-2024-11946.