Read Time:7 Second
FEDORA-EPEL-2024-e29578804c
Packages in this update:
suricata-6.0.19-1.el9
Update description:
This is a security and bug fix release.
Category Archives: Advisories
suricata-7.0.5-1.fc40
Read Time:7 Second
FEDORA-2024-9cce1f4b49
Packages in this update:
suricata-7.0.5-1.fc40
Update description:
This is a security and bug fix release.
suricata-6.0.19-1.el8
Read Time:7 Second
FEDORA-EPEL-2024-a98407e8b0
Packages in this update:
suricata-6.0.19-1.el8
Update description:
This is a security and bug fix release.
suricata-6.0.19-1.fc39
Read Time:7 Second
FEDORA-2024-aa2fdd75f7
Packages in this update:
suricata-6.0.19-1.fc39
Update description:
This is a security and bug fix release.
mingw-python-werkzeug-2.2.3-2.fc38
Read Time:7 Second
FEDORA-2024-48123e7aae
Packages in this update:
mingw-python-werkzeug-2.2.3-2.fc38
Update description:
Backport fix for CVE-2024-34069.
DSA-5687-1 chromium – security update
Read Time:14 Second
A security issue was discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure. Google is aware that an exploit for CVE-2024-4671 exists
in the wild.
A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution
Read Time:26 Second
A vulnerability has been discovered in Google Chrome, which could allow for arbitrary code execution. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
USN-6770-1: Fossil regression
Read Time:14 Second
USN-6729-1 fixed vulnerabilities in Apache HTTP Server. The
update lead to the discovery of a regression in Fossil with
regards to the handling of POST requests that do not have a
Content-Length field set. This update fixes the problem.
We apologize for the inconvenience.
A Vulnerability in Apache OFBiz Could Allow for Remote Code Execution
Read Time:36 Second
A vulnerability has been discovered in the Apache OFBiz, which could allow for remote code execution. Apache OFBiz is an open-source product for the automation of enterprise processes. It includes framework components and business applications for ERP, CRM, E-Business/E-Commerce, Supply Chain Management and Manufacturing Resource Planning. Successful exploitation of this vulnerability could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Services whose accounts are configured to have less rights on the system could be less impacted than those who operate with administrative user rights.
A Vulnerability in F5 BIG-IP Next Central Manager Could Allow for Remote Code Execution
Read Time:36 Second
A vulnerability has been discovered in F5 BIG-IP Next Central Manager that could allow for remote code execution. BIG-IP Next Central Manager is the management and application orchestration platform used to control BIG-IP Next instances. It can be installed on dedicated hardware or virtualized through VMware ESXi. Successful exploitation of this vulnerability could allow for Remote Code Execution in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Services accounts that are configured to have less rights on the system could be less impacted than those who operate with administrative user rights.