ZDI-24-1082: (0Day) (Pwn2Own) oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability

Read Time:16 Second

This vulnerability allows local attackers to disclose sensitive information on affected installations of oFono. An attacker must first obtain the ability to execute code on the target modem in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-7542.

php-tcpdf-6.9.1-1.fc40

FEDORA-2025-b5809de628 Packages in this update: php-tcpdf-6.9.1-1.fc40 Update description: Version 6.9.1 (2025-04-03) Fixed Path Traversal security vulnerability reported by Positive Technologies....

April 7, 2025

php-tcpdf-6.9.1-1.fc42

FEDORA-2025-39c7a4c7ce Packages in this update: php-tcpdf-6.9.1-1.fc42 Update description: Version 6.9.1 (2025-04-03) Fixed Path Traversal security vulnerability reported by Positive Technologies....

April 7, 2025

php-tcpdf-6.9.1-1.fc41

FEDORA-2025-85549e07c8 Packages in this update: php-tcpdf-6.9.1-1.fc41 Update description: Version 6.9.1 (2025-04-03) Fixed Path Traversal security vulnerability reported by Positive Technologies....

April 7, 2025

perl-Crypt-URandom-Token-0.003-1.fc41 perl-DBIx-Class-EncodedColumn-0.11000-1.fc41

FEDORA-2025-0a8c805972 Packages in this update: perl-Crypt-URandom-Token-0.003-1.fc41 perl-DBIx-Class-EncodedColumn-0.11000-1.fc41 Update description: Needed for perl-DBIx-Class-EncodedColumn-0.11 Read More

April 7, 2025

USN-7410-1: Tomcat vulnerability

It was discovered that Tomcat incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause tomcat9...

April 7, 2025

USN-7417-1: libdbd-mysql-perl vulnerabilities

It was discovered that libdbd-mysql-perl did not correctly handle certain SQL queries. An attacker could possibly use this issue to...

April 7, 2025

Darknet’s Xanthorox AI Offers Customizable Tools for Hackers

King Bob pleads guilty to Scattered Spider-linked cryptocurrency thefts from investors

DIRNSA Fired

Vodafone Urges UK Cybersecurity Policy Reforms as SME Cyber-Attack Costs Reach £3.4bn

Government Backs Britain’s First Cyber Seed Fund, Worth £50m

Aussie Pension Savers Hit with Wave of Credential Stuffing Attacks

Friday Squid Blogging: Two-Man Giant Squid

Cyber Agencies Warn of Fast Flux Threat Bypassing Network Defenses

Troy Hunt Gets Phished

ZDI-24-1082: (0Day) (Pwn2Own) oFono AT CMGR Command Uninitialized Variable Information Disclosure Vulnerability

php-tcpdf-6.9.1-1.fc40

php-tcpdf-6.9.1-1.fc42

php-tcpdf-6.9.1-1.fc41

perl-Crypt-URandom-Token-0.003-1.fc41 perl-DBIx-Class-EncodedColumn-0.11000-1.fc41

USN-7410-1: Tomcat vulnerability

USN-7417-1: libdbd-mysql-perl vulnerabilities