Category Archives: Advisories

chromium-124.0.6367.78-1.fc39

Read Time:15 Second

FEDORA-2024-decb7e94a1

Packages in this update:

chromium-124.0.6367.78-1.fc39

Update description:

update to 124.0.6367.78

* Critical CVE-2024-4058: Type Confusion in ANGLE
* High CVE-2024-4059: Out of bounds read in V8 API
* High CVE-2024-4060: Use after free in Dawn

Read More

chromium-124.0.6367.78-1.fc40

Read Time:15 Second

FEDORA-2024-de34d9d61f

Packages in this update:

chromium-124.0.6367.78-1.fc40

Update description:

update to 124.0.6367.78

* Critical CVE-2024-4058: Type Confusion in ANGLE
* High CVE-2024-4059: Out of bounds read in V8 API
* High CVE-2024-4060: Use after free in Dawn

Read More

ZDI-24-401: Progress Software Telerik Reporting ObjectReader Deserialization of Untrusted Data Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Progress Software Telerik Reporting. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1801.

Read More

ZDI-24-399: Microsoft Windows MHT File Mark-Of-The-Web Bypass Remote Code Execution Vulnerability

Read Time:19 Second

This vulnerability allows remote attackers to bypass the Mark-Of-The-Web security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-29991.

Read More

ZDI-24-404: Apple macOS Metal Framework PVR File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Read Time:16 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the Metal Framework library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-23264.

Read More