Read Time:7 Second
FEDORA-2024-091e2c7801
Packages in this update:
python3.6-3.6.15-37.fc41
Update description:
Security fix for CVE-2024-6232 (rhbz#2310092)
Category Archives: Advisories
python3.12-3.12.6-1.fc42
Read Time:15 Second
FEDORA-2024-c1d8fd5694
Packages in this update:
python3.12-3.12.6-1.fc42
Update description:
Automatic update for python3.12-3.12.6-1.fc42.
Changelog
* Mon Sep 9 2024 Tomáš Hrnčiar <thrnciar@redhat.com> – 3.12.6-1
– Update to 3.12.6
– Fixes: rhbz#2310090
ruby-3.3.5-14.fc40
Read Time:6 Second
FEDORA-2024-146ef211bc
Packages in this update:
ruby-3.3.5-14.fc40
Update description:
Upgrade to Ruby 3.3.5.
ZDI-24-1207: Microsoft Windows Internet Explorer File Extension Spoofing Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.5. The following CVEs are assigned: CVE-2024-43461.
ZDI-24-1206: Microsoft SharePoint SPAutoSerializingObject Deserialization of Untrusted Data Denial-of-Service Vulnerability
Read Time:13 Second
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.5. The following CVEs are assigned: CVE-2024-43466.
ZDI-24-1205: Microsoft Windows BeginPaint Pen Use-After-Free Local Privilege Escalation Vulnerability
Read Time:16 Second
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-38249.
ZDI-24-1204: Microsoft SharePoint SPThemes Deserialization of Untrusted Data Remote Code Execution Vulnerability
Read Time:12 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft SharePoint. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-38018.
ZDI-24-1203: Adobe Photoshop JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-43760.
ZDI-24-1202: Adobe After Effects AVI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe After Effects. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-39381.
ZDI-24-1201: Adobe Premiere Pro AVI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Read Time:17 Second
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Premiere Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2024-39384.