Read Time:6 Second
FEDORA-2024-7424b57c59
Packages in this update:
Update description:
Fix CVE-2024-25580: potential buffer overflow when reading KTX images.
Category Archives: Advisories
USN-6640-1: shadow vulnerability
Read Time:9 Second
It was discovered that shadow was not properly sanitizing memory when
running the password utility. An attacker could possibly use this issue
to retrieve a password from memory, exposing sensitive information.
44CON 2024 September 18th – 20th CFP
Read Time:20 Second
Posted by Florent Daigniere via Fulldisclosure on Feb 15
44CON is the UK’s largest combined annual Security Conference and
Training event. Taking place 18,19,20 of September at the
Novotel London West near Hammersmith, London. We will have a fully
dedicated conference facility, including catering, private bar, amazing
coffee and a daily Gin O’Clock break.
_ _
/_//_// / // / | 18th – 20th September 2024
/ //_,/_// / | Novotel London West, London
-=-…
qemu-8.1.3-3.fc39
Read Time:9 Second
FEDORA-2024-c601293124
Packages in this update:
qemu-8.1.3-3.fc39
Update description:
Stack buffer overflow in virtio_net_flush_tx (CVE-2023-6693) (rhbz#2256436)
ZDI-24-171: SolarWinds Orion Platform AppendUpdate SQL Injection Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Platform. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-50395.
ZDI-24-170: SolarWinds Orion Platform AppendCreatePrimary SQL Injection Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Platform. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-35188.
ZDI-24-182: ESET Smart Security Premium ekrn Link Following Local Privilege Escalation Vulnerability
Read Time:17 Second
This vulnerability allows local attackers to escalate privileges on affected installations of ESET Smart Security Premium. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-0353.
ZDI-24-181: Siemens Simcenter Femap MODEL File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-24925.
ZDI-24-180: Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-24924.
ZDI-24-179: Siemens Simcenter Femap MODEL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-24923.