It was discovered that debmany in Debian Goodies incorrectly handled certain
deb files. An attacker could possibly use this issue to execute arbitrary shell
commands.
biosig4c++-2.6.0-3.fc40
FEDORA-2024-ff6a72d8e9
Packages in this update:
biosig4c++-2.6.0-3.fc40
Update description:
2.6.0 – Security Update
BrainVisionMarker
fixes CVE-2024-23305
BrainVision: proved parser and sanity checks
fixes CVE-2024-22097, CVE-2024-23809
EGI
fixes CVE-2024-21795
FAMOS: disabled, support can be enabled by setting BIOSIG_FAMOS_TRUST_INPUT=1
mitigate vulnerabilities CVE-2024-21812, CVE-2024-23313, CVE-2024-23310, CVE-2024-23606
USN-6713-1: QPDF vulnerability
It was discovered that QPDF incorrectly handled certain memory operations
when decoding JSON files. If a user or automated system were tricked into
processing a specially crafted JSON file, QPDF could be made to crash,
resulting in a denial of service, or possibly execute arbitrary code.
USN-6712-1: Net::CIDR::Lite vulnerability
It was discovered that Net::CIDR::Lite incorrectly handled extra zero
characters at the beginning of IP address strings. A remote attacker could
possibly use this issue to bypass access controls.
USN-6711-1: CRM shell vulnerability
Vincent Berg discovered that CRM shell incorrectly handled certain commands.
A local attacker could possibly use this issue to execute arbitrary code
via shell code injection to the crm history command line.
USN-6710-1: Firefox vulnerabilities
Manfred Paul discovered that Firefox did not properly perform bounds
checking during range analysis, leading to an out-of-bounds write
vulnerability. An attacker could use this to cause a denial of service,
or execute arbitrary code. (CVE-2024-29943)
Manfred Paul discovered that Firefox incorrectly handled MessageManager
listeners under certain circumstances. An attacker who was able to inject
an event handler into a privileged object may have been able to execute
arbitrary code. (CVE-2024-29944)
DSA-5646-1 cacti – security update
Multiple security vulnerabilities have been discovered in Cacti, a web
interface for graphing of monitoring systems, which could result in
cross-site scripting, SQL injection, or command injection.
DSA-5647-1 samba – security update
Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,
print, and login server for Unix, which might result in denial of service
or information disclosure.
seamonkey-2.53.18.2-1.el7
FEDORA-EPEL-2024-3f86ec863a
Packages in this update:
seamonkey-2.53.18.2-1.el7
Update description:
Update to 2.53.18.2
seamonkey-2.53.18.2-1.el8
FEDORA-EPEL-2024-8f366635a6
Packages in this update:
seamonkey-2.53.18.2-1.el8
Update description:
Update to 2.53.18.2