ZDI-24-986: Microsoft Azure IoT Edge Dev Tool iotedgetoolscontainerregistry Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure IoT Edge Dev Tool. Authentication is not required to exploit...
ZDI-24-987: Microsoft Object Detection Solution Accelerator csaddevamlacr Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Object Detection Solution Accelerator. Authentication is not required to exploit this...
ZDI-24-988: Microsoft Azure MQTT azure-iot-sdks-ci Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The ZDI...
ZDI-24-989: Microsoft Azure Container Network Management sbidprod Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure. Authentication is not required to exploit this vulnerability. The ZDI...
ZDI-24-990: Microsoft 3D Builder GLB File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft 3D Builder. User interaction is required to exploit this vulnerability in...
ZDI-24-991: Microsoft Azure Arc Jumpstart Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure Arc Jumpstart. Authentication is not required to exploit this vulnerability....
ZDI-24-992: Microsoft Azure VSTS CLI vstscli Uncontrolled Search Path Element Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Azure VSTS CLI. Authentication is not required to exploit this vulnerability....
USN-6916-1: Lua vulnerabilities
It was discovered that Lua did not properly generate code when "_ENV" is constant. An attacker could possibly use this issue to cause a denial...
USN-6920-1: EDK II vulnerabilities
It was discovered that EDK II was not properly performing bounds checks in Tianocompress, which could lead to a buffer overflow. An authenticated user could...
less-643-5.fc40
FEDORA-2024-c0e7a4f5ef Packages in this update: less-643-5.fc40 Update description: Security fix for CVE-2024-32487 - less with LESSOPEN mishandles n in paths Read More