Category Archives: Advisories

chromium-122.0.6261.111-1.fc40

Read Time:15 Second

FEDORA-2024-5dacab5f00

Packages in this update:

chromium-122.0.6261.111-1.fc40

Update description:

upstream security release 122.0.6261.111

High CVE-2024-2173: Out of bounds memory access in V8
High CVE-2024-2174: Inappropriate implementation in V8
High CVE-2024-2176: Use after free in FedCM

Read More

mingw-libgcrypt-1.10.3-1.fc41

Read Time:18 Second

FEDORA-2024-9764fc1fc9

Packages in this update:

mingw-libgcrypt-1.10.3-1.fc41

Update description:

Automatic update for mingw-libgcrypt-1.10.3-1.fc41.

Changelog

* Fri Mar 8 2024 Richard W.M. Jones <rjones@redhat.com> – 1.10.3-1
– Rebase to libgcrypt 1.10.3 to match Fedora (RHBZ#2268272)
– Add *.pc (pkgconf) files

Read More

ZDI-24-256: Dassault Systèmes eDrawings CATPART File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

ZDI-24-255: Dassault Systèmes eDrawings X_T File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

ZDI-24-254: Dassault Systèmes eDrawings DWG File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

ZDI-24-253: Dassault Systèmes eDrawings SLDDRW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

ZDI-24-252: Dassault Systèmes eDrawings JT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More

ZDI-24-251: Dassault Systèmes eDrawings SAT File Parsing Memory Corruption Remote Code Execution Vulnerability

Read Time:17 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Dassault Syst��mes eDrawings. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1847.

Read More