Category Archives: Advisories

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Google cAdvisor. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 5.3.

Advisories

nextcloud-28.0.3-1.fc38

April 22, 2024

Read Time:7 Second

FEDORA-2024-c27e97ca79

Packages in this update:

nextcloud-28.0.3-1.fc38

Update description:

update to 28.0.3
fix CVE-2024-22403

Advisories

DSA-5671-1 openjdk-11 – security update

April 22, 2024

Read Time:9 Second

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service or information disclosure.

https://security-tracker.debian.org/tracker/DSA-5671-1

Advisories

DSA-5670-1 thunderbird – security update

April 22, 2024

Read Time:9 Second

Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.

https://security-tracker.debian.org/tracker/DSA-5670-1

Advisories

DSA-5669-1 guix – security update

April 22, 2024

Read Time:9 Second

It was discovered that insufficient restriction of unix daemon sockets
in the GNU Guix functional package manager could result in sandbox
bypass.

https://security-tracker.debian.org/tracker/DSA-5669-1

Advisories

DSA-5672-1 openjdk-17 – security update

April 22, 2024

Read Time:9 Second

Several vulnerabilities have been discovered in the OpenJDK Java runtime,
which may result in denial of service or information disclosure.

https://security-tracker.debian.org/tracker/DSA-5672-1

Advisories

chromium-124.0.6367.60-1.el9

April 21, 2024

Read Time:54 Second

FEDORA-EPEL-2024-2bf39e0ba4

Packages in this update:

chromium-124.0.6367.60-1.el9

Update description:

update to 124.0.6367.60

High CVE-2024-3832: Object corruption in V8
High CVE-2024-3833: Object corruption in WebAssembly
High CVE-2024-3914: Use after free in V8
High CVE-2024-3834: Use after free in Downloads
Medium CVE-2024-3837: Use after free in QUIC
Medium CVE-2024-3838: Inappropriate implementation in Autofill
Medium CVE-2024-3839: Out of bounds read in Fonts
Medium CVE-2024-3840: Insufficient policy enforcement in Site Isolation
Medium CVE-2024-3841: Insufficient data validation in Browser Switcher
Medium CVE-2024-3843: Insufficient data validation in Downloads
Low CVE-2024-3844: Inappropriate implementation in Extensions
Low CVE-2024-3845: Inappropriate implementation in Network
Low CVE-2024-3846: Inappropriate implementation in Prompts
Low CVE-2024-3847: Insufficient policy enforcement in WebUI

update to 123.0.6312.122

High CVE-2024-3157: Out of bounds write in Compositing
High CVE-2024-3516: Heap buffer overflow in ANGLE
High CVE-2024-3515: Use after free in Dawn

Cyber Security News

Category Archives: Advisories

sssd-2.9.4-7.fc40

FEDORA-2024-3798818c82

Packages in this update:

Update description:

sssd-2.9.4-2.fc39

FEDORA-2024-78240de990

Packages in this update:

Update description:

sssd-2.9.4-2.fc38

FEDORA-2024-44602bead8

Packages in this update:

Update description:

ZDI-24-369: Google cAdvisor REST API Improper Access Control Information Disclosure Vulnerability

nextcloud-28.0.3-1.fc38

FEDORA-2024-c27e97ca79

Packages in this update:

Update description:

DSA-5671-1 openjdk-11 – security update

DSA-5670-1 thunderbird – security update

DSA-5669-1 guix – security update

DSA-5672-1 openjdk-17 – security update

chromium-124.0.6367.60-1.el9

FEDORA-EPEL-2024-2bf39e0ba4

Packages in this update:

Update description:

News, Advisories and much more