openssh-9.0p1-15.fc38
FEDORA-2023-123647648e Packages in this update: openssh-9.0p1-15.fc38 Update description: Avoid possible self-DoS attack Resolves: CVE-2023-25136 Read More
ceph-16.2.12-1.fc36
FEDORA-2023-d6b219d19a Packages in this update: ceph-16.2.12-1.fc36 Update description: ceph 16.2.12 GA Security fix for CVE-2022-3650 Read More
USN-6020-1: Linux kernel (BlueField) vulnerabilities
It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could...
thunderbird-102.10.0-1.fc36
FEDORA-2023-6c3278c87b Packages in this update: thunderbird-102.10.0-1.fc36 Update description: Update to 102.10.0 ; https://www.mozilla.org/en-US/security/advisories/mfsa2023-15/ ; https://www.thunderbird.net/en-US/thunderbird/102.10.0/releasenotes/ Read More
ZDI-23-450: (Pwn2Own) Triangle MicroWorks SCADA Data Gateway Restore Workspace Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this...
ZDI-23-449: (Pwn2Own) Sonos One Speaker MPEG-TS Parser Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability. Read...
ZDI-23-448: (Pwn2Own) Sonos One Speaker msprox Endpoint Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability. Read...
ZDI-23-447: (Pwn2Own) Sonos One Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability. Read...
ZDI-23-446: (Pwn2Own) Sonos One Speaker libsmb2 Integer Overflow Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability. Read...
ZDI-23-445: Schneider Electric APC Easy UPS Online getMacAddressByIP Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit...