ZDI-24-382: Ivanti Avalanche getAdhocFilePath Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has...
ZDI-24-381: Ivanti Avalanche WLAvalancheService Null Pointer Dereference Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI...
ZDI-24-380: Ivanti Avalanche copyFile Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has...
ZDI-24-379: Ivanti Avalanche getMasterAdhocCollectionsPath Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has...
ZDI-24-378: Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has...
ZDI-24-377: Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI...
DSA-5673-1 glibc – security update
Charles Fol discovered that the iconv() function in the GNU C library is prone to a buffer overflow vulnerability when converting strings to the ISO-2022-CN-EXT...
openssl3-3.2.1-1.1.el8
FEDORA-EPEL-2024-b002585dd2 Packages in this update: openssl3-3.2.1-1.1.el8 Update description: Merge in changes from c9s' openssl to pick up various CVE fixes and other bugfixes Read More
nextcloud-28.0.4-2.fc38
FEDORA-2024-d67f9827b2 Packages in this update: nextcloud-28.0.4-2.fc38 Update description: Fix typo and 2 RPM build warnings update to 28.0.3 fix CVE-2024-22403 Read More
firefox-flatpak-125.0.2-1
FEDORA-FLATPAK-2024-57e9bcf6a3 Packages in this update: firefox-flatpak-125.0.2-1 Update description: Firefox 125.0 release. For details, see https://www.mozilla.org/en-US/firefox/125.0/releasenotes/ Please note that this update depends on the flatpak runtime...