This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-1432.
Category Archives: Advisories
ZDI-25-153: Autodesk AutoCAD SLDPRT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-1431.
USN-7354-1: djoser vulnerability
Diego Cebrián discovered that djoser did not properly handle user
authentication. An attacker with valid credentials could possibly
use this to bypass authentication checks, such as two-factor
authentication, to gain unintended access.
rust-zincati-0.0.30-1.fc40
FEDORA-2025-43bcbb0795
Packages in this update:
rust-zincati-0.0.30-1.fc40
Update description:
New upstream release v0.0.30 see: https://github.com/coreos/zincati/releases/tag/v0.0.30
rust-zincati-0.0.30-1.fc41
FEDORA-2025-cc269f80fa
Packages in this update:
rust-zincati-0.0.30-1.fc41
Update description:
New upstream release v0.0.30 see: https://github.com/coreos/zincati/releases/tag/v0.0.30
Backport polkit rules patch for CVE-2025-27512
https://github.com/coreos/zincati/security/advisories/GHSA-w6fv-6gcc-x825
https://www.cve.org/CVERecord?id=CVE-2025-27512
https://github.com/coreos/zincati/commit/920ac90204830e43fd597f3dcbacf0d772b50a81
rust-zincati-0.0.30-1.fc42
FEDORA-2025-19fabb2ca6
Packages in this update:
rust-zincati-0.0.30-1.fc42
Update description:
New upstream release v0.0.30 see: https://github.com/coreos/zincati/releases/tag/v0.0.30
bluez-5.80-1.fc42 iwd-3.4-1.fc42 libell-0.74-1.fc42
FEDORA-2025-35347bf9f0
Packages in this update:
bluez-5.80-1.fc42
iwd-3.4-1.fc42
libell-0.74-1.fc42
Update description:
bluez 5.80:
Fix issue with handling address type for all types of keys.
Fix issue with handling maximum number of GATT channels.
Fix issue with handling MTU auto-tuning feature.
Fix issue with handling AVRCP volume in reconfigured transports.
Fix issue with handling VCP volume setting requests.
Fix issue with handling VCP connection management.
Fix issue with handling MAP qualification.
Fix issue with handling PBAP qualification.
Fix issue with handling BNEP qualification.
Add support for PreferredBearer device property.
Add support for SupportedTypes Message Access property.
Add support for HFP, A2DP, AVRCP, AVCTP and MAP latest versions.
iwd 3.4:
Add support for the Test Anything Protocol.
libell 0.74:
Add support for NIST P-192 curve usage with ECDH.
Add support for SHA-224 based checksums and HMACs.
libell 0.73:
Fix issue with parsing hwdb.bin child structures.
libell 0.72:
Add support for the Test Anything Protocol.
dotnet9.0-9.0.104-1.fc40
FEDORA-2025-78dcffbaa1
Packages in this update:
dotnet9.0-9.0.104-1.fc40
Update description:
This is the monthly update for .NET 9 for March 2025.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.3.md
dotnet9.0-9.0.104-1.fc41
FEDORA-2025-2edd9dc83b
Packages in this update:
dotnet9.0-9.0.104-1.fc41
Update description:
This is the monthly update for .NET 9 for March 2025.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.3.md
dotnet9.0-9.0.104-1.fc42
FEDORA-2025-a4aedd0b23
Packages in this update:
dotnet9.0-9.0.104-1.fc42
Update description:
This is the monthly update for .NET 9 for March 2025.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.3.md