USN-6768-1: GLib vulnerability
Alicia Boya García discovered that GLib incorrectly handled signal subscriptions. A local attacker could use this issue to spoof D-Bus signals resulting in a variety...
chromium-124.0.6367.155-1.el8
FEDORA-EPEL-2024-ac000e6379 Packages in this update: chromium-124.0.6367.155-1.el8 Update description: update to 124.0.6367.155 High CVE-2024-4558: Use after free in ANGLE High CVE-2024-4559: Heap buffer overflow in WebAudio...
chromium-124.0.6367.155-1.el9
FEDORA-EPEL-2024-f74fbce604 Packages in this update: chromium-124.0.6367.155-1.el9 Update description: update to 124.0.6367.155 High CVE-2024-4558: Use after free in ANGLE High CVE-2024-4559: Heap buffer overflow in WebAudio...
chromium-124.0.6367.155-1.fc40
FEDORA-2024-92780a83f9 Packages in this update: chromium-124.0.6367.155-1.fc40 Update description: update to 124.0.6367.155 High CVE-2024-4558: Use after free in ANGLE High CVE-2024-4559: Heap buffer overflow in WebAudio...
chromium-124.0.6367.155-1.fc38
FEDORA-2024-f93392509c Packages in this update: chromium-124.0.6367.155-1.fc38 Update description: update to 124.0.6367.155 High CVE-2024-4558: Use after free in ANGLE High CVE-2024-4559: Heap buffer overflow in WebAudio...
chromium-124.0.6367.155-1.fc39
FEDORA-2024-55e7e839f1 Packages in this update: chromium-124.0.6367.155-1.fc39 Update description: update to 124.0.6367.155 High CVE-2024-4558: Use after free in ANGLE High CVE-2024-4559: Heap buffer overflow in WebAudio...
Microsoft PlayReady – complete client identity compromise
Posted by Security Explorations on May 09 Hello All, We have come up with two attack scenarios that make it possible to extract private ECC...
ZDI-24-439: Microsoft Windows Bluetooth AVDTP Protocol Integer Underflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that...
ZDI-24-438: Dassault Systèmes eDrawings Viewer DXF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability...
ZDI-24-437: Dassault Systèmes eDrawings Viewer DXF File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings Viewer. User interaction is required to exploit this vulnerability...