Category Archives: Advisories

Multiple Vulnerabilities in Microsoft Edge (Chromium-based) Could Allow for Arbitrary Code Execution

Read Time:29 Second

Multiple vulnerabilities have been discovered in Microsoft Edge (Chromium-based), the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Read More

chromium-130.0.6723.58-1.fc40

Read Time:41 Second

FEDORA-2024-4d80983af6

Packages in this update:

chromium-130.0.6723.58-1.fc40

Update description:

Update to 130.0.6723.58

* High CVE-2024-9954: Use after free in AI
* Medium CVE-2024-9955: Use after free in Web Authentication
* Medium CVE-2024-9956: Inappropriate implementation in Web Authentication
* Medium CVE-2024-9957: Use after free in UI
* Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture
* Medium CVE-2024-9959: Use after free in DevTools
* Medium CVE-2024-9960: Use after free in Dawn
* Medium CVE-2024-9961: Use after free in Parcel Tracking
* Medium CVE-2024-9962: Inappropriate implementation in Permissions
* Medium CVE-2024-9963: Insufficient data validation in Downloads
* Low CVE-2024-9964: Inappropriate implementation in Payments
* Low CVE-2024-9965: Insufficient data validation in DevTools
* Low CVE-2024-9966: Inappropriate implementation in Navigations

Read More

chromium-130.0.6723.58-1.fc41

Read Time:41 Second

FEDORA-2024-3a6f9ab958

Packages in this update:

chromium-130.0.6723.58-1.fc41

Update description:

Update to 130.0.6723.58

* High CVE-2024-9954: Use after free in AI
* Medium CVE-2024-9955: Use after free in Web Authentication
* Medium CVE-2024-9956: Inappropriate implementation in Web Authentication
* Medium CVE-2024-9957: Use after free in UI
* Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture
* Medium CVE-2024-9959: Use after free in DevTools
* Medium CVE-2024-9960: Use after free in Dawn
* Medium CVE-2024-9961: Use after free in Parcel Tracking
* Medium CVE-2024-9962: Inappropriate implementation in Permissions
* Medium CVE-2024-9963: Insufficient data validation in Downloads
* Low CVE-2024-9964: Inappropriate implementation in Payments
* Low CVE-2024-9965: Insufficient data validation in DevTools
* Low CVE-2024-9966: Inappropriate implementation in Navigations

Read More

chromium-130.0.6723.58-1.el9

Read Time:42 Second

FEDORA-EPEL-2024-01e1cef110

Packages in this update:

chromium-130.0.6723.58-1.el9

Update description:

Update to 130.0.6723.58

* High CVE-2024-9954: Use after free in AI
* Medium CVE-2024-9955: Use after free in Web Authentication
* Medium CVE-2024-9956: Inappropriate implementation in Web Authentication
* Medium CVE-2024-9957: Use after free in UI
* Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture
* Medium CVE-2024-9959: Use after free in DevTools
* Medium CVE-2024-9960: Use after free in Dawn
* Medium CVE-2024-9961: Use after free in Parcel Tracking
* Medium CVE-2024-9962: Inappropriate implementation in Permissions
* Medium CVE-2024-9963: Insufficient data validation in Downloads
* Low CVE-2024-9964: Inappropriate implementation in Payments
* Low CVE-2024-9965: Insufficient data validation in DevTools
* Low CVE-2024-9966: Inappropriate implementation in Navigations

Read More