ZDI-24-1224: SolarWinds Access Rights Manager JsonSerializationBinder Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Access Rights Manager. Although authentication is required to exploit this vulnerability,...
DSA-5769-1 git – security update
Multiple issues were found in Git, a fast, scalable, distributed revision control system, which may result in file overwrites outside the repository, arbitrary configuration injection...
openssl-3.2.2-7.fc41
FEDORA-2024-7d5c1bcc78 Packages in this update: openssl-3.2.2-7.fc41 Update description: Fix CVE-2024-5535: SSL_select_next_proto buffer overread Read More
USN-7006-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged...
USN-7005-1: Linux kernel vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a...
USN-7004-1: Linux kernel vulnerabilities
Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a...
USN-7002-1: Setuptools vulnerability
It was discovered that setuptools was vulnerable to remote code execution. An attacker could possibly use this issue to execute arbitrary code. Read More
USN-7003-2: Linux kernel vulnerabilities
It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to...
USN-7001-1: xmltok library vulnerabilities
Shang-Hung Wan discovered that Expat, contained within the xmltok library, did not properly handle certain function calls when a negative input length was provided. An...
USN-7000-1: Expat vulnerabilities
Shang-Hung Wan discovered that Expat did not properly handle certain function calls when a negative input length was provided. An attacker could use this issue...