This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI LabVIEW. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-23611.
Category Archives: Advisories
ZDI-24-287: NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI LabVIEW. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-23610.
ZDI-24-286: NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI LabVIEW. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-23608.
ZDI-24-285: NI LabVIEW VI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI LabVIEW. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-23609.
libreswan-4.14-1.fc38
FEDORA-2024-1439ec2069
Packages in this update:
libreswan-4.14-1.fc38
Update description:
Update to 4.14 for CVE-2024-2357, v6 SAN name and TFC padding fix for AEAD
rubygem-yard-0.9.36-1.fc38
FEDORA-2024-3744975c4b
Packages in this update:
rubygem-yard-0.9.36-1.fc38
Update description:
A security flaw was found on rubygem-yard that documents generated by yard may be vulnerable to XSS attack. This issue is now assigned as CVE-2024-27285 . This new rpm is supposed to fix this issue.
libreswan-4.14-1.fc39
FEDORA-2024-312a5ed3d5
Packages in this update:
libreswan-4.14-1.fc39
Update description:
Update to 4.14 for CVE-2024-2357, v6 SAN name and TFC padding fix for AEAD
libreswan-4.14-1.fc40
FEDORA-2024-92f0c71a01
Packages in this update:
libreswan-4.14-1.fc40
Update description:
Update to 4.14 for CVE-2024-2357, v6 SAN name and TFC padding fix for AEAD
geany-flatpak-2.0-4
FEDORA-FLATPAK-2024-9f60f92793
Packages in this update:
geany-flatpak-2.0-4
Update description:
Updated git to 2.44.0 and libgit2 to 1.7.2
python-asyncssh-2.13.2-5.el9
FEDORA-EPEL-2024-6bc0ac05e1
Packages in this update:
python-asyncssh-2.13.2-5.el9
Update description:
Backport upstream fix for CVE-2023-48795