Category Archives: Advisories

ZDI-24-435: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability

Read Time:18 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-3298.

Read More

ZDI-24-434: Dassault Systèmes eDrawings Viewer SAT File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Read Time:18 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

ZDI-24-433: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:18 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��me eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-3298.

Read More

ZDI-24-432: Dassault Systèmes eDrawings Viewer JT File Parsing Memory Corruption Remote Code Execution Vulnerability

Read Time:18 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

ZDI-24-431: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:18 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-3298.

Read More

ZDI-24-430: Dassault Systèmes eDrawings Viewer JT File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Read Time:18 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

ZDI-24-429: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:18 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-3298.

Read More

ZDI-24-428: Dassault Systèmes eDrawings Viewer JT File Parsing Memory Corruption Remote Code Execution Vulnerability

Read Time:18 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

glib2-2.78.6-1.fc39 gnome-shell-45.6-2.fc39

Read Time:16 Second

FEDORA-2024-fd2569c4e9

Packages in this update:

glib2-2.78.6-1.fc39
gnome-shell-45.6-2.fc39

Update description:

Resolve CVE-2024-34397 (GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing), and also update gnome-shell to ensure this fix does not break the screencast feature.

Read More

glib2-2.80.2-1.fc40 gnome-shell-46.1-2.fc40

Read Time:16 Second

FEDORA-2024-635a54eb7e

Packages in this update:

glib2-2.80.2-1.fc40
gnome-shell-46.1-2.fc40

Update description:

Resolve CVE-2024-34397 (GDBus signal subscriptions for well-known names are vulnerable to unicast spoofing), and also update gnome-shell to ensure this fix does not break the screencast feature.

Read More