This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. In addition, some user interaction is required on the part of a user on the host. The ZDI has assigned a CVSS rating of 7.3. The following CVEs are assigned: CVE-2024-21110.
ZDI-24-408: Oracle VirtualBox Web Service Exposure of Resource to Wrong Sphere Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle VirtualBox. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.9. The following CVEs are assigned: CVE-2024-21109.
ZDI-24-407: X.Org Server ProcRenderAddGlyphs Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-31083.
ZDI-24-406: Adobe After Effects AEP File Parsing Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-48633.
ZDI-24-405: Lexmark CX331adwe IPP Server Authorization HTTP Header Heap-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lexmark CX331adwe printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-50739.
et-6.2.1-15.fc38
FEDORA-2024-29120efcc4
Packages in this update:
et-6.2.1-15.fc38
Update description:
Unbundle cpp-httplib, fixing CVE-2023-26130
et-6.2.1-15.fc39
FEDORA-2024-a09bfceb28
Packages in this update:
et-6.2.1-15.fc39
Update description:
Unbundle cpp-httplib, fixing CVE-2023-26130
et-6.2.1-15.fc40
FEDORA-2024-cd94b2df32
Packages in this update:
et-6.2.1-15.fc40
Update description:
Unbundle cpp-httplib, fixing CVE-2023-26130
clamav-1.0.6-1.fc40
FEDORA-2024-34474f346b
Packages in this update:
clamav-1.0.6-1.fc40
Update description:
ClamAV 1.0.6 is a critical patch release with the following fixes:
Updated select Rust dependencies to the latest versions. This resolved Cargo audit complaints and included PNG parser bug fixes.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1225
Fixed a bug causing some text to be truncated when converting from UTF-16.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1232
Fixed assorted complaints identified by Coverity static analysis.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1237
Fixed a bug causing CVDs downloaded by the DatabaseCustomURL Freshclam config option to be pruned and then re-downloaded with every update.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1240
Added the new ‘valhalla’ database name to the list of optional databases in preparation for future work.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1240
Silenced a warning “Unexpected early end-of-file” that occurred when scanning some PNG files.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1216
clamav-1.0.6-1.fc39
FEDORA-2024-1a79c2ef63
Packages in this update:
clamav-1.0.6-1.fc39
Update description:
ClamAV 1.0.6 is a critical patch release with the following fixes:
Updated select Rust dependencies to the latest versions. This resolved Cargo audit complaints and included PNG parser bug fixes.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1225
Fixed a bug causing some text to be truncated when converting from UTF-16.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1232
Fixed assorted complaints identified by Coverity static analysis.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1237
Fixed a bug causing CVDs downloaded by the DatabaseCustomURL Freshclam config option to be pruned and then re-downloaded with every update.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1240
Added the new ‘valhalla’ database name to the list of optional databases in preparation for future work.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1240
Silenced a warning “Unexpected early end-of-file” that occurred when scanning some PNG files.
GitHub pull request: https://github.com/Cisco-Talos/clamav/pull/1216