This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-6233.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-6232.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-6231.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-6230.
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Canon imageCLASS MF753Cdw printers. Authentication is not required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2023-6229.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle Product Lifecycle Management. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-20953.
openexr-3.1.10-5.fc40
Automatic update for openexr-3.1.10-5.fc40.
* Mon Feb 5 2024 Benjamin A. Beasley <code@musicinmybrain.net> – 3.1.10-5
– Backport proposed fix for CVE-2023-5841 to 3.1.10 (fix RHBZ#2262406)
* Thu Jan 25 2024 Fedora Release Engineering <releng@fedoraproject.org> – 3.1.10-4
– Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Sun Jan 21 2024 Fedora Release Engineering <releng@fedoraproject.org> – 3.1.10-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
firecracker-1.6.0-6.fc38
libkrun-1.7.2-4.fc38
rust-event-manager-0.4.0-2.fc38
rust-kvm-bindings-0.7.0-1.fc38
rust-kvm-ioctls-0.16.0-3.fc38
rust-linux-loader-0.11.0-1.fc38
rust-userfaultfd-0.8.1-2.fc38
rust-versionize-0.2.0-2.fc38
rust-vhost-0.10.0-2.fc38
rust-vhost-user-backend-0.13.1-2.fc38
rust-virtio-queue-0.11.0-1.fc38
rust-vm-memory-0.14.0-1.fc38
rust-vmm-sys-util-0.12.1-2.fc38
rust-vm-superio-0.7.0-4.fc38
virtiofsd-1.10.1-1.fc38
Update rust-vmm components and their consumers to address CVE-2023-50711
firecracker-1.6.0-6.fc39
libkrun-1.7.2-4.fc39
rust-event-manager-0.4.0-2.fc39
rust-kvm-bindings-0.7.0-1.fc39
rust-kvm-ioctls-0.16.0-2.fc39
rust-linux-loader-0.11.0-1.fc39
rust-userfaultfd-0.8.1-2.fc39
rust-versionize-0.2.0-2.fc39
rust-vhost-0.10.0-2.fc39
rust-vhost-user-backend-0.13.1-2.fc39
rust-virtio-queue-0.11.0-1.fc39
rust-vm-memory-0.14.0-1.fc39
rust-vmm-sys-util-0.12.1-2.fc39
rust-vm-superio-0.7.0-4.fc39
virtiofsd-1.10.1-1.fc39
Update rust-vmm components and their consumers to address CVE-2023-50711
USN-6592-1 fixed vulnerabilities in libssh. This update provides the
corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that libssh incorrectly handled the ProxyCommand and the
ProxyJump features. A remote attacker could possibly use this issue to
inject malicious code into the command of the features mentioned through
the hostname parameter. (CVE-2023-6004)
It was discovered that libssh incorrectly handled return codes when
performing message digest operations. A remote attacker could possibly use
this issue to cause libssh to crash, obtain sensitive information, or
execute arbitrary code. (CVE-2023-6918)
