Category Archives: Advisories

SCHUTZWERK-SA-2023-006: Arbitrary File Read via XML External Entities in Visual Planning

Posted by Lennert Preuth via Fulldisclosure on Apr 05

Title
=====

SCHUTZWERK-SA-2023-006: Arbitrary File Read via XML External Entities in
Visual Planning

Status
======

PUBLISHED

Version
=======

1.0

CVE reference
=============

CVE-2023-49234

Link
====

https://www.schutzwerk.com/advisories/schutzwerk-sa-2023-006/

Text-only version:
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-006.txt

Affected products/vendor
========================

All versions prior to Visual Planning 8…

SCHUTZWERK-SA-2023-004: Authentication Bypass via Password Reset Functionality in Visual Planning

Posted by Lennert Preuth via Fulldisclosure on Apr 05

Title
=====

SCHUTZWERK-SA-2023-004: Authentication Bypass via Password Reset
Functionality in Visual Planning

Status
======

PUBLISHED

Version
=======

1.0

CVE reference
=============

CVE-2023-49232

Link
====

https://www.schutzwerk.com/advisories/schutzwerk-sa-2023-004/

Text-only version:
https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2023-004.txt

Affected products/vendor
========================

All versions prior to Visual…

A Vulnerability in Broadcom Brocade Fabric OS Could Allow for Arbitrary Code Execution

A vulnerability has been discovered in Broadcom Brocade Fabric OS that could allow for arbitrary code execution. Broadcom Brocade Fabric OS is the storage area networking firmware for Brocade Communications Systems’ Fibre Channel switches and Fibre Channel directors. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the logged-on user or to obtain root-level privileges. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

chromium-123.0.6312.105-1.el7

FEDORA-EPEL-2024-3cb841c5f0

Packages in this update:

chromium-123.0.6312.105-1.el7

Update description:

update to 123.0.6312.105

High CVE-2024-3156: Inappropriate implementation in V8
High CVE-2024-3158: Use after free in Bookmarks
High CVE-2024-3159: Out of bounds memory access in V8

chromium-123.0.6312.105-1.el9

FEDORA-EPEL-2024-7bc0a1d338

Packages in this update:

chromium-123.0.6312.105-1.el9

Update description:

update to 123.0.6312.105

High CVE-2024-3156: Inappropriate implementation in V8
High CVE-2024-3158: Use after free in Bookmarks
High CVE-2024-3159: Out of bounds memory access in V8

chromium-123.0.6312.105-1.el8

FEDORA-EPEL-2024-fe061342ca

Packages in this update:

chromium-123.0.6312.105-1.el8

Update description:

update to 123.0.6312.105

High CVE-2024-3156: Inappropriate implementation in V8
High CVE-2024-3158: Use after free in Bookmarks
High CVE-2024-3159: Out of bounds memory access in V8

USN-6721-1: X.Org X Server vulnerabilities

It was discovered that X.Org X Server incorrectly handled certain data.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2024-31080, CVE-2024-31081, CVE-2024-31082)

It was discovered that X.Org X Server incorrectly handled certain glyphs.
An attacker could possibly use this issue to cause a crash or expose sensitive
information. (CVE-2024-31083)
