USN-7207-1: Git vulnerabilities

Read Time:18 Second

It was discovered that Git incorrectly handled certain URLs when
asking for credentials. An attacker could possibly use this
issue to mislead the user into typing passwords for trusted
sites that would then be sent to untrusted sites instead.
(CVE-2024-50349)

It was discovered that git incorrectly handled line endings when
using credential helpers. (CVE-2024-52006)

ZDI-25-030: Microsoft Office Word DOCX File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required...

January 15, 2025

ZDI-25-029: Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the...

January 15, 2025

ZDI-25-028: Microsoft Office Word RTF File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Word. User interaction is required...

January 15, 2025

git-lfs-3.6.1-1.fc41

FEDORA-2025-1de066b8af Packages in this update: git-lfs-3.6.1-1.fc41 Update description: Update to latest version Fix CVE-2024-53263 Read More

January 15, 2025

git-lfs-3.6.1-1.fc40

FEDORA-2025-50deb0acd5 Packages in this update: git-lfs-3.6.1-1.fc40 Update description: Update to latest version Fix CVE-2024-53263 Read More

January 15, 2025

USN-7206-1: rsync vulnerabilities

Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly handle checksum lengths. An attacker could use...

January 14, 2025

Microsoft: Happy 2025. Here’s 161 Security Updates

Upcoming Speaking Engagements

New AI Rule Aims to Prevent Misuse of US Technology

Browser-Based Cyber-Threats Surge as Email Malware Declines

Manchester Law Firm Leads 15,000 to Sue Google and Microsoft over AI Data

The First Password on the Internet

UK Considers Ban on Ransomware Payments by Public Bodies

Remediation Times Drop Sharply as Cyber Hygiene Take Up Surges

UK Registry Nominet Breached Via Ivanti Zero-Day

ZDI-25-030: Microsoft Office Word DOCX File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

ZDI-25-029: Microsoft Windows Installer Service Link Following Local Privilege Escalation Vulnerability

ZDI-25-028: Microsoft Office Word RTF File Parsing Memory Corruption Remote Code Execution Vulnerability

git-lfs-3.6.1-1.fc41

git-lfs-3.6.1-1.fc40

USN-7206-1: rsync vulnerabilities