This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 5.4. The following CVEs are assigned: CVE-2024-2886.
Category Archives: Advisories
DSA-5661-1 php8.2 – security update
Multiple security issues were found in PHP, a widely-used open source
general purpose scripting language which could result in secure cookie
bypass, XXE attacks or incorrect validation of password hashes.
DSA-5660-1 php7.4 – security update
Multiple security issues were found in PHP, a widely-used open source
general purpose scripting language which could result in secure cookie
bypass, XXE attacks or incorrect validation of password hashes.
pgadmin4-7.8-5.fc39
FEDORA-2024-f04c2ec90b
Packages in this update:
pgadmin4-7.8-5.fc39
Update description:
Backport fix for CVE-2024-3116.
mingw-python-idna-3.7-1.fc40
FEDORA-2024-1230cb2cd6
Packages in this update:
mingw-python-idna-3.7-1.fc40
Update description:
Update to idna-3.7.
mingw-python-idna-3.7-1.fc39
FEDORA-2024-83ef5f3c4f
Packages in this update:
mingw-python-idna-3.7-1.fc39
Update description:
Update to idna-3.7.
mingw-python-idna-3.7-1.fc38
FEDORA-2024-831b7c8340
Packages in this update:
mingw-python-idna-3.7-1.fc38
Update description:
Update to idna-3.7.
CVE-2024-31705
Posted by V3locidad on Apr 14
CVE ID: CVE-2024-31705
Title : RCE to Shell Commands” Plugin / GLPI Shell Command Management Interface
Affected Product : GLPI – 10.X.X and last version
Description: An issue in Infotel Conseil GLPI v.10.X.X and after allows a remote attacker to execute arbitrary code via
the insufficient validation of user-supplied input.
Affected Component : A remote code execution (RCE) vulnerability has been identified in the ‘Shell…
SEC Consult SA-20240411-0 :: Database Passwords in Server Response in Amazon AWS Glue
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 14
SEC Consult Vulnerability Lab Security Advisory < 20240411-0 >
=======================================================================
title: Database Passwords in Server Response
product: Amazon AWS Glue
vulnerable version: until 2024-02-23
fixed version: as of 2024-02-23
CVE number: –
impact: medium
homepage: https://aws.amazon.com/glue/
found:…
chromium-123.0.6312.122-1.el8
FEDORA-EPEL-2024-762aef7cb1
Packages in this update:
chromium-123.0.6312.122-1.el8
Update description:
update to 123.0.6312.122
High CVE-2024-3157: Out of bounds write in Compositing
High CVE-2024-3516: Heap buffer overflow in ANGLE
High CVE-2024-3515: Use after free in Dawn