This vulnerability allows local attackers to escalate privileges on affected installations of Flexera Software FlexNet Publisher. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-2658.
Category Archives: Advisories
ZDI-24-358: GitLab Label Description Uncontrolled Resource Consumption Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of GitLab. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 4.3. The following CVEs are assigned: CVE-2024-2818.
ZDI-24-357: RARLAB WinRAR Mark-Of-The-Web Bypass Vulnerability
This vulnerability allows remote attackers to bypass the Mark-Of-The-Web protection mechanism on affected installations of RARLAB WinRAR. User interaction is required to exploit this vulnerability in that the target must perform a specific action on a malicious page. The ZDI has assigned a CVSS rating of 4.3. The following CVEs are assigned: CVE-2024-30370.
assimp-5.0.1-7.el8
FEDORA-EPEL-2024-d0d107787c
Packages in this update:
assimp-5.0.1-7.el8
Update description:
Security fix for CVE-2023-45661, CVE-2023-45662, CVE-2023-45663, CVE-2023-45664, CVE-2023-45666, CVE-2023-45667
c-ares-1.28.1-1.fc38
FEDORA-2024-d351e7318e
Packages in this update:
c-ares-1.28.1-1.fc38
Update description:
1.28.1 fixes a significant bug in 1.28.0.
Update to 1.28.0. Also fixes CVE-2024-25629.
c-ares-1.28.1-1.fc40
FEDORA-2024-9963d77dcb
Packages in this update:
c-ares-1.28.1-1.fc40
Update description:
1.28.1 fixes a significant bug in 1.28.0.
Update to 1.28.0. Also fixes CVE-2024-25629.
c-ares-1.28.1-1.fc39
FEDORA-2024-835800b552
Packages in this update:
c-ares-1.28.1-1.fc39
Update description:
1.28.1 fixes a significant bug in 1.28.0.
Update to 1.28.0. Also fixes CVE-2024-25629.
DSA-5650-1 util-linux – security update
Skyler Ferrante discovered that the wall tool from util-linux does not
properly handle escape sequences from command line arguments. A local
attacker can take advantage of this flaw for information disclosure.
With this update, wall and write are no longer installed with setgid
tty.
DSA-5651-1 mediawiki – security update
Two security issues were discovered in MediaWiki, a website engine for
collaborative work, which could result in cross-site scripting or denial
of service.
libvirt-sandbox-0.8.0-15.fc40
FEDORA-2024-ebf015aa4e
Packages in this update:
libvirt-sandbox-0.8.0-15.fc40
Update description:
rebuild to ensure vulnerable xz isn’t statically linked