Read Time:9 Second
FEDORA-2025-3ccee236a3
Packages in this update:
chromium-134.0.6998.117-1.fc42
Update description:
Update to 134.0.6998.117
* Critical CVE-2025-2476: Use after free in Lens
Category Archives: Advisories
chromium-134.0.6998.117-1.el9
Read Time:10 Second
FEDORA-EPEL-2025-3bca78a2e4
Packages in this update:
chromium-134.0.6998.117-1.el9
Update description:
Update to 134.0.6998.117
* Critical CVE-2025-2476: Use after free in Lens
A Vulnerability in Veeam Backup & Replication Could Allow for Arbitrary Code Execution
Read Time:23 Second
A vulnerability has been discovered in Veeam Backup & Replication, which could allow for arbitrary code execution. Veeam Backup & Replication is a comprehensive data protection and disaster recovery solution. With Veeam Backup & Replication, you can create image-level backups of virtual, physical and cloud machines and restore from them. Exploitation of this vulnerability requires authentication to the domain but could result in arbitrary code execution. Data such as backups and images could be compromised.
USN-7363-1: PAM-PKCS#11 vulnerabilities
Read Time:24 Second
Marcus Rückert and Matthias Gerstner discovered that PAM-PKCS#11 did not
properly handle certain return codes when authentication was not possible.
An attacker could possibly use this issue to bypass authentication. This
issue only affected Ubuntu 24.04 LTS and Ubuntu 24.10. (CVE-2025-24531)
It was discovered that PAM-PKCS#11 did not require a private key signature
for authentication by default. An attacker could possibly use this issue
to bypass authentication. (CVE-2025-24032)
A Vulnerability in AMI MegaRAC Software Could Allow for Remote Code Execution
Read Time:26 Second
A vulnerability has been discovered in AMI MegaRAC Software, which could allow for remote code execution. MegaRAC is a product line of BMC firmware packages and formerly service processors providing out-of-band, or lights-out remote management of computer systems. Successful exploitation of this vulnerability allows an attacker to remotely control the compromised server, remotely deploy malware, ransomware, firmware tampering, bricking motherboard components (BMC or potentially BIOS/UEFI), potential server physical damage (over-voltage / bricking), and indefinite reboot loops that a victim cannot stop.
USN-7362-1: go-gh vulnerability
Read Time:9 Second
It was discovered that go-gh incorrectly handled authentication
tokens. An attacker could possibly use this issue to leak
authentication tokens to the wrong host. (CVE-2024-53859)
APPLE-SA-03-11-2025-4 visionOS 2.3.2
Read Time:25 Second
Posted by Apple Product Security via Fulldisclosure on Mar 20
APPLE-SA-03-11-2025-4 visionOS 2.3.2
visionOS 2.3.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122284.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
WebKit
Available for: Apple Vision Pro
Impact: Maliciously crafted web content may be able to break out of Web
Content sandbox….
APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2
Read Time:25 Second
Posted by Apple Product Security via Fulldisclosure on Mar 20
APPLE-SA-03-11-2025-3 macOS Sequoia 15.3.2
macOS Sequoia 15.3.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122283.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
WebKit
Available for: macOS Sequoia
Impact: Maliciously crafted web content may be able to break out of Web
Content…
APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2
Read Time:27 Second
Posted by Apple Product Security via Fulldisclosure on Mar 20
APPLE-SA-03-11-2025-2 iOS 18.3.2 and iPadOS 18.3.2
iOS 18.3.2 and iPadOS 18.3.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122281.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
WebKit
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and…
APPLE-SA-03-11-2025-1 Safari 18.3.1
Read Time:25 Second
Posted by Apple Product Security via Fulldisclosure on Mar 20
APPLE-SA-03-11-2025-1 Safari 18.3.1
Safari 18.3.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/122285.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
WebKit
Available for: macOS Ventura and macOS Sonoma
Impact: Maliciously crafted web content may be able to break out of Web
Content…