USN-6633-1: Bind vulnerabilities
Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this...
USN-6632-1: OpenSSL vulnerabilities
David Benjamin discovered that OpenSSL incorrectly handled excessively long X9.42 DH keys. A remote attacker could possibly use this issue to cause OpenSSL to consume...
ZDI-24-169: Adobe Audition AVI File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Audition. User interaction is required to exploit this vulnerability in that...
ZDI-24-168: Adobe Acrobat Pro DC Annotation Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability...
ZDI-24-167: Adobe Acrobat Pro DC AcroForm Use-After-Free Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability...
ZDI-24-166: Adobe Acrobat Pro DC AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability...
ZDI-24-165: Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability
This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required...
ZDI-24-164: Microsoft Office Word PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in...
syncthing-1.27.3-1.el8
FEDORA-EPEL-2024-10430622fd Packages in this update: syncthing-1.27.3-1.el8 Update description: Update to version 1.27.3. Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.27.3 This update also addresses CVE-2023-49295 in quic-go: https://github.com/quic-go/quic-go/security/advisories/GHSA-ppxx-5m9h-6vxf Read More
syncthing-1.27.3-1.el9
FEDORA-EPEL-2024-f808902932 Packages in this update: syncthing-1.27.3-1.el9 Update description: Update to version 1.27.3. Release notes: https://github.com/syncthing/syncthing/releases/tag/v1.27.3 This update also addresses CVE-2023-49295 in quic-go: https://github.com/quic-go/quic-go/security/advisories/GHSA-ppxx-5m9h-6vxf Read More