Category Archives: Advisories

Advisories

ZDI-24-270: Dassault Systèmes eDrawings STP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

Advisories

ZDI-24-269: Dassault Systèmes eDrawings JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

Advisories

ZDI-24-268: Dassault Systèmes eDrawings IPT File Parsing Use-After-Free Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

Advisories

ZDI-24-267: Dassault Systèmes eDrawings SLDDRW File Parsing Uninitialized Variable Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

Advisories

ZDI-24-266: Dassault Systèmes eDrawings IPT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

Advisories

ZDI-24-265: Dassault Systèmes eDrawings SAT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

Advisories

chromium-122.0.6261.111-1.el7

Read Time:16 Second

FEDORA-EPEL-2024-a461023d55

Packages in this update:

chromium-122.0.6261.111-1.el7

Update description:

Upstream security release 122.0.6261.111
* High CVE-2024-2173: Out of bounds memory access in V8
* High CVE-2024-2174: Inappropriate implementation in V8
* High CVE-2024-2176: Use after free in FedCM

Read More