ZDI-24-383: Ivanti Avalanche InstallPackageThread Time-Of-Check Time-Of-Use Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has...
ZDI-24-382: Ivanti Avalanche getAdhocFilePath Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has...
ZDI-24-381: Ivanti Avalanche WLAvalancheService Null Pointer Dereference Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI...
ZDI-24-380: Ivanti Avalanche copyFile Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has...
ZDI-24-379: Ivanti Avalanche getMasterAdhocCollectionsPath Unrestricted File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has...
ZDI-24-378: Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has...
ZDI-24-377: Ivanti Avalanche WLAvalancheService Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ivanti Avalanche. Authentication is not required to exploit this vulnerability. The ZDI...
DSA-5673-1 glibc – security update
Charles Fol discovered that the iconv() function in the GNU C library is prone to a buffer overflow vulnerability when converting strings to the ISO-2022-CN-EXT...
openssl3-3.2.1-1.1.el8
FEDORA-EPEL-2024-b002585dd2 Packages in this update: openssl3-3.2.1-1.1.el8 Update description: Merge in changes from c9s' openssl to pick up various CVE fixes and other bugfixes Read More
nextcloud-28.0.4-2.fc38
FEDORA-2024-d67f9827b2 Packages in this update: nextcloud-28.0.4-2.fc38 Update description: Fix typo and 2 RPM build warnings update to 28.0.3 fix CVE-2024-22403 Read More