This vulnerability allows local attackers to escalate privileges on affected installations of Panda Security Dome. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-13043.
Multiple vulnerabilities were discovered in plugins for the GStreamer
media framework and its codecs and demuxers, which may result in denial
of service or potentially the execution of arbitrary code if a malformed
media file is opened.
ofono-2.14-1.fc40
Update to v2.14
icecat-flatpak-115.18.0-2
Updated patchset for CVE-2024-11693 CVE-2024-11697 CVE-2024-11692
mupdf-1.24.6-2.fc40
fix CVE-2024-46657 (rhbz#2331626)
mupdf-1.21.1-6.el9
fix CVE-2024-46657 (rhbz#2331625)
Two security issues have been discovered in FastNetMon, a fast DDoS
analyzer: Malformed Netflow/sFlow traffic could result in denial of
service.
Multiple vulnerabilities have been discovered in the Xen hypervisor,
which could result in privilege escalation, denial of service or
information leaks.
The following vulnerabilities have been discovered in the WebKitGTK
web engine:
CVE-2024-54479
Seunghyun Lee discovered that processing maliciously crafted web
content may lead to an unexpected process crash.
CVE-2024-54502
Brendon Tiszka discovered that processing maliciously crafted web
content may lead to an unexpected process crash.
CVE-2024-54505
Gary Kwong discovered that processing maliciously crafted web
content may lead to memory corruption.
CVE-2024-54508
linjy, chluo and Xiangwei Zhang discovered that processing
maliciously crafted web content may lead to an unexpected process
crash.
openjpeg2-2.5.3-1.fc40
Update to openjpeg-2.5.3
Fix 2 heap-buffer-overflow
