This vulnerability allows local attackers to escalate privileges on affected installations of NI FlexLogger. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-1155.

Read More

FEDORA-2024-e01ef71e64

Packages in this update:

fontforge-20230101-11.fc40

Update description:

Security fix for CVE-2024-25081 and CVE-2024-25082

Read More

Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.

https://security-tracker.debian.org/tracker/DSA-5634-1

Read More

FEDORA-2024-0da80aa623

Packages in this update:

xen-4.17.2-7.fc38

Update description:

x86: shadow stack vs exceptions from emulation stubs – [XSA-451,
CVE-2023-46841] (#2266326)

Read More

FEDORA-2024-aca9ed1eb1

Packages in this update:

xen-4.17.2-7.fc39

Update description:

x86: shadow stack vs exceptions from emulation stubs – [XSA-451,
CVE-2023-46841] (#2266326)

Read More

FEDORA-2024-ee7c81a4d6

Packages in this update:

xen-4.18.0-6.fc40

Update description:

x86: shadow stack vs exceptions from emulation stubs – [XSA-451,
CVE-2023-46841] (#2266326)

Read More

USN-6644-1 fixed vulnerabilities in LibTIFF.
This update provides the corresponding updates for Ubuntu 22.04 LTS.

Original advisory details:

It was discovered that LibTIFF incorrectly handled certain files. If
a user were tricked into opening a specially crafted file, an attacker
could possibly use this issue to cause the application to crash, resulting
in a denial of service. (CVE-2023-52356)

It was discovered that LibTIFF incorrectly handled certain image files
with the tiffcp utility. If a user were tricked into opening a specially
crafted image file, an attacker could possibly use this issue to cause
tiffcp to crash, resulting in a denial of service. (CVE-2023-6228)

It was discovered that LibTIFF incorrectly handled certain files. If
a user were tricked into opening a specially crafted file, an attacker
could possibly use this issue to cause the application to consume
resources, resulting in a denial of service. (CVE-2023-6277)

Read More

It was discovered that less incorrectly handled certain file names.
An attacker could possibly use this issue to cause a crash or execute
arbitrary commands.

Read More

FEDORA-2024-0d4d9925a2

Packages in this update:

golang-github-tdewolff-argp-0-0.1.20240227git719bbce.fc38
golang-github-tdewolff-minify-2.20.18-1.fc38
golang-github-tdewolff-parse-2.7.12-1.fc38

Update description:

Update to latest version
Security fix for CVE-2023-39325

Read More

FEDORA-2024-c3e32c5635

Packages in this update:

golang-github-tdewolff-argp-0-0.1.20240227git719bbce.fc39
golang-github-tdewolff-minify-2.20.18-1.fc39
golang-github-tdewolff-parse-2.7.12-1.fc39

Update description:

Update to latest version
Security fix for CVE-2023-39325

Read More