arm-none-eabi-binutils-cs-2.43-1.el9 arm-none-eabi-gcc-cs-12.4.0-1.el9 arm-none-eabi-newlib-4.4.0.20231231-1.el9
FEDORA-EPEL-2024-02a5043c77 Packages in this update: arm-none-eabi-binutils-cs-2.43-1.el9 arm-none-eabi-gcc-cs-12.4.0-1.el9 arm-none-eabi-newlib-4.4.0.20231231-1.el9 Update description: newlib updated to 4.4.0.20231231 to fix CVE-2024-30949, binutils updated to 2.43, gcc to 12.4.0 Read...
chromium-128.0.6613.137-1.fc40
FEDORA-2024-0a4a65f805 Packages in this update: chromium-128.0.6613.137-1.fc40 Update description: update to 128.0.6613.137 * High CVE-2024-8636: Heap buffer overflow in Skia * High CVE-2024-8637: Use after free...
chromium-128.0.6613.137-1.el9
FEDORA-EPEL-2024-c10cc04f69 Packages in this update: chromium-128.0.6613.137-1.el9 Update description: update to 128.0.6613.137 * High CVE-2024-8636: Heap buffer overflow in Skia * High CVE-2024-8637: Use after free...
chromium-128.0.6613.137-1.fc41
FEDORA-2024-9e85c72624 Packages in this update: chromium-128.0.6613.137-1.fc41 Update description: update to 128.0.6613.137 * High CVE-2024-8636: Heap buffer overflow in Skia * High CVE-2024-8637: Use after free...
chromium-128.0.6613.137-1.el8
FEDORA-EPEL-2024-1434b533be Packages in this update: chromium-128.0.6613.137-1.el8 Update description: update to 128.0.6613.137 * High CVE-2024-8636: Heap buffer overflow in Skia * High CVE-2024-8637: Use after free...
chromium-128.0.6613.137-1.fc39
FEDORA-2024-37f95ce86b Packages in this update: chromium-128.0.6613.137-1.fc39 Update description: update to 128.0.6613.137 * High CVE-2024-8636: Heap buffer overflow in Skia * High CVE-2024-8637: Use after free...
ZDI-24-1223: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Endpoint Manager. Authentication is not required to exploit this vulnerability. The...
CVE-2024-25286 – RedSys – A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Authorization Method of 3DSecure 2.0
Posted by RUBEN LOPEZ HERRERA on Sep 11 Product: 3DSecure 2.0 Manufacturer: Redsys Affected Version(s): 3DSecure 2.0 3DS Authorization Method Tested Version(s): 3DSecure 2.0 3DS...
CVE-2024-25285 – RedSys – 3DSecure 2.0 is vulnerable to form action hijacking
Posted by RUBEN LOPEZ HERRERA on Sep 11 Product: 3DSecure 2.0 Manufacturer: Redsys Affected Version(s): 3DSecure 2.0 3DS Method Authentication Tested Version(s): 3DSecure 2.0 3DS...
CVE-2024-25284 – RedSys – Multiple reflected Cross-Site Scripting (XSS) vulnerabilities in the 3DS Authorization Method of 3DSecure 2.0
Posted by RUBEN LOPEZ HERRERA on Sep 11 Product: 3DSecure 2.0 Manufacturer: Redsys Affected Version(s): 3DSecure 2.0 3DS Authorization Method Tested Version(s): 3DSecure 2.0 3DS...