tomcat-9.0.97-1.fc42
FEDORA-2024-7a2ce50f81 Packages in this update: tomcat-9.0.97-1.fc42 Update description: Automatic update for tomcat-9.0.97-1.fc42. Changelog * Mon Dec 2 2024 Dimitris Soumis <dsoumis@redhat.com> - 1:9.0.97-1 - Update...
USN-7132-1: PostgreSQL vulnerabilities
It was discovered that PostgreSQL incorrectly tracked tables with row security. A remote attacker could possibly use this issue to perform forbidden reads and modifications....
USN-6846-2: Ansible regression
USN-6846-1 fixed vulnerabilities in ansible. The update introduced a regression in ansible. This update fixes the problem. We apologize for the inconvenience. Original advisory details:...
ZDI-24-1640: XnSoft XnView Classic RWZ File Parsing Integer Underflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of XnSoft XnView Classic. User interaction is required to exploit this vulnerability in...
ZDI-24-1639: Hewlett Packard Enterprise Insight Remote Support processAtatchmentDataStream Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit...
ZDI-24-1638: Hewlett Packard Enterprise Insight Remote Support validateAgainstXSD XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit...
ZDI-24-1637: Hewlett Packard Enterprise Insight Remote Support getDocumentRootElement XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit...
ZDI-24-1636: Hewlett Packard Enterprise Insight Remote Support DESTA Service Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit...
ZDI-24-1635: Hewlett Packard Enterprise Insight Remote Support setInputStream XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise Insight Remote Support. Authentication is not required to exploit...
ZDI-24-1634: Hewlett Packard Enterprise AutoPass License Server XML External Entity Processing Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise AutoPass License Server. Authentication is not required to exploit...