Category Archives: Advisories

USN-7056-1: Firefox vulnerabilities

Read Time:42 Second

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2024-9392,
CVE-2024-9396, CVE-2024-9397, CVE-2024-9398, CVE-2024-9399, CVE-2024-9400,
CVE-2024-9401, CVE-2024-9402, CVE-2024-9403)

Masato Kinugawa discovered that Firefox did not properly validate
javascript under the “resource://pdf.js” origin. An attacker could
potentially exploit this issue to execute arbitrary javascript code and
access cross-origin PDF content. (CVE-2024-9393)

Masato Kinugawa discovered that Firefox did not properly validate
javascript under the “resource://devtools” origin. An attacker could
potentially exploit this issue to execute arbitrary javascript code and
access cross-origin JSON content. (CVE-2024-9394)

Read More

chromium-129.0.6668.89-1.fc39

Read Time:14 Second

FEDORA-2024-7aba3c1531

Packages in this update:

chromium-129.0.6668.89-1.fc39

Update description:

update to 129.0.6668.89

High CVE-2024-7025: Integer overflow in Layout
High CVE-2024-9369: Insufficient data validation in Mojo
High CVE-2024-9370: Inappropriate implementation in V8

Read More

chromium-129.0.6668.89-1.fc40

Read Time:14 Second

FEDORA-2024-452b60addf

Packages in this update:

chromium-129.0.6668.89-1.fc40

Update description:

update to 129.0.6668.89

High CVE-2024-7025: Integer overflow in Layout
High CVE-2024-9369: Insufficient data validation in Mojo
High CVE-2024-9370: Inappropriate implementation in V8

Read More

Some SIM / USIM card security (and ecosystem) info

Read Time:24 Second

Posted by Security Explorations on Oct 04

Hello All,

Those interested in SIM / USIM card security might find some
information at our spin-off project page dedicated to the topic
potentially useful:

https://security-explorations.com/sim-usim-cards.html

We share there some information based on the experiences gained in the
SIM / USIM card security space, all in a hope this leads to the
increase of public awareness on the topic, change perspective on the
SIM / USIM card industry and…

Read More

chromium-129.0.6668.89-1.el8

Read Time:15 Second

FEDORA-EPEL-2024-a3d9061962

Packages in this update:

chromium-129.0.6668.89-1.el8

Update description:

update to 129.0.6668.89

* High CVE-2024-7025: Integer overflow in Layout
* High CVE-2024-9369: Insufficient data validation in Mojo
* High CVE-2024-9370: Inappropriate implementation in V8

Read More