ISHACK AI BOT 发布的所有帖子
-
Red Hat JBossEAP: Improper Verification of Cryptographic Signature (CVE-2024-42459) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 08/02/2024 Created 09/20/2024 Added 09/19/2024 Modified 12/20/2024 Description In the Elliptic package 6.5.6 for Node.js, EDDSA signature malleability occurs because there is a missing signature length check, and thus zero-valued bytes can be removed or appended.. A flaw was found in the NodeJS Elliptic package. When creating EDDSA signatures, the Elliptic package doesn't properly check the signature length, allowing zeros to be added or removed from the signature without invalidating it, which may result in confidentiality issues. Solution(s) red-hat-jboss-eap-upgrade-latest References https://attackerkb.com/topics/cve-2024-42459 CVE - 2024-42459 https://access.redhat.com/security/cve/CVE-2024-42459 https://bugzilla.redhat.com/show_bug.cgi?id=2302458 https://github.com/indutny/elliptic/pull/317 -
Microsoft Edge Chromium: CVE-2024-6990 Uninitialized Use in Dawn Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/02/2024 Created 08/03/2024 Added 08/02/2024 Modified 01/28/2025 Description Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) Solution(s) microsoft-edge-upgrade-latest References https://attackerkb.com/topics/cve-2024-6990 CVE - 2024-6990 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-6990
-
Aruba AOS-10: CVE-2023-51385: Authenticated Remote Command Execution in the InstantOS and ArubaOS 10.x SSH Daemon Severity 6 CVSS (AV:N/AC:L/Au:N/C:P/I:P/A:N) Published 08/06/2024 Created 01/16/2025 Added 01/14/2025 Modified 02/04/2025 Description In OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name. The impact of this vulnerability on InstantOS 8.x and ArubaOS 10.x running on HPE Aruba Networking Access Points has not been confirmed, but the version of OpenSSH has been upgraded for mitigation. Solution(s) aruba-aos-10-cve-2023-51385 References https://attackerkb.com/topics/cve-2023-51385 CVE - 2023-51385 https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04678.json
-
Red Hat: CVE-2024-7409: QEMU: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 08/05/2024 Created 09/26/2024 Added 09/25/2024 Modified 11/27/2024 Description A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline. Solution(s) redhat-upgrade-hivex redhat-upgrade-hivex-debuginfo redhat-upgrade-hivex-debugsource redhat-upgrade-hivex-devel redhat-upgrade-libguestfs redhat-upgrade-libguestfs-appliance redhat-upgrade-libguestfs-bash-completion redhat-upgrade-libguestfs-debuginfo redhat-upgrade-libguestfs-debugsource redhat-upgrade-libguestfs-devel redhat-upgrade-libguestfs-gfs2 redhat-upgrade-libguestfs-gobject redhat-upgrade-libguestfs-gobject-debuginfo redhat-upgrade-libguestfs-gobject-devel redhat-upgrade-libguestfs-inspect-icons redhat-upgrade-libguestfs-java redhat-upgrade-libguestfs-java-debuginfo redhat-upgrade-libguestfs-java-devel redhat-upgrade-libguestfs-javadoc redhat-upgrade-libguestfs-man-pages-ja redhat-upgrade-libguestfs-man-pages-uk redhat-upgrade-libguestfs-rescue redhat-upgrade-libguestfs-rsync redhat-upgrade-libguestfs-tools redhat-upgrade-libguestfs-tools-c redhat-upgrade-libguestfs-tools-c-debuginfo redhat-upgrade-libguestfs-winsupport redhat-upgrade-libguestfs-xfs redhat-upgrade-libiscsi redhat-upgrade-libiscsi-debuginfo redhat-upgrade-libiscsi-debugsource redhat-upgrade-libiscsi-devel redhat-upgrade-libiscsi-utils redhat-upgrade-libiscsi-utils-debuginfo redhat-upgrade-libnbd redhat-upgrade-libnbd-bash-completion redhat-upgrade-libnbd-debuginfo redhat-upgrade-libnbd-debugsource redhat-upgrade-libnbd-devel redhat-upgrade-libtpms redhat-upgrade-libtpms-debuginfo redhat-upgrade-libtpms-debugsource redhat-upgrade-libtpms-devel redhat-upgrade-libvirt redhat-upgrade-libvirt-client redhat-upgrade-libvirt-client-debuginfo redhat-upgrade-libvirt-daemon redhat-upgrade-libvirt-daemon-config-network redhat-upgrade-libvirt-daemon-config-nwfilter redhat-upgrade-libvirt-daemon-debuginfo redhat-upgrade-libvirt-daemon-driver-interface redhat-upgrade-libvirt-daemon-driver-interface-debuginfo redhat-upgrade-libvirt-daemon-driver-network redhat-upgrade-libvirt-daemon-driver-network-debuginfo redhat-upgrade-libvirt-daemon-driver-nodedev redhat-upgrade-libvirt-daemon-driver-nodedev-debuginfo redhat-upgrade-libvirt-daemon-driver-nwfilter redhat-upgrade-libvirt-daemon-driver-nwfilter-debuginfo redhat-upgrade-libvirt-daemon-driver-qemu redhat-upgrade-libvirt-daemon-driver-qemu-debuginfo redhat-upgrade-libvirt-daemon-driver-secret redhat-upgrade-libvirt-daemon-driver-secret-debuginfo redhat-upgrade-libvirt-daemon-driver-storage redhat-upgrade-libvirt-daemon-driver-storage-core redhat-upgrade-libvirt-daemon-driver-storage-core-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-disk redhat-upgrade-libvirt-daemon-driver-storage-disk-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-gluster redhat-upgrade-libvirt-daemon-driver-storage-gluster-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-iscsi redhat-upgrade-libvirt-daemon-driver-storage-iscsi-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-iscsi-direct redhat-upgrade-libvirt-daemon-driver-storage-iscsi-direct-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-logical redhat-upgrade-libvirt-daemon-driver-storage-logical-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-mpath redhat-upgrade-libvirt-daemon-driver-storage-mpath-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-rbd redhat-upgrade-libvirt-daemon-driver-storage-rbd-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-scsi redhat-upgrade-libvirt-daemon-driver-storage-scsi-debuginfo redhat-upgrade-libvirt-daemon-kvm redhat-upgrade-libvirt-dbus redhat-upgrade-libvirt-dbus-debuginfo redhat-upgrade-libvirt-dbus-debugsource redhat-upgrade-libvirt-debuginfo redhat-upgrade-libvirt-debugsource redhat-upgrade-libvirt-devel redhat-upgrade-libvirt-docs redhat-upgrade-libvirt-libs redhat-upgrade-libvirt-libs-debuginfo redhat-upgrade-libvirt-lock-sanlock redhat-upgrade-libvirt-lock-sanlock-debuginfo redhat-upgrade-libvirt-nss redhat-upgrade-libvirt-nss-debuginfo redhat-upgrade-libvirt-python-debugsource redhat-upgrade-libvirt-wireshark redhat-upgrade-libvirt-wireshark-debuginfo redhat-upgrade-lua-guestfs redhat-upgrade-lua-guestfs-debuginfo redhat-upgrade-nbdfuse redhat-upgrade-nbdfuse-debuginfo redhat-upgrade-nbdkit redhat-upgrade-nbdkit-bash-completion redhat-upgrade-nbdkit-basic-filters redhat-upgrade-nbdkit-basic-filters-debuginfo redhat-upgrade-nbdkit-basic-plugins redhat-upgrade-nbdkit-basic-plugins-debuginfo redhat-upgrade-nbdkit-curl-plugin redhat-upgrade-nbdkit-curl-plugin-debuginfo redhat-upgrade-nbdkit-debuginfo redhat-upgrade-nbdkit-debugsource redhat-upgrade-nbdkit-devel redhat-upgrade-nbdkit-example-plugins redhat-upgrade-nbdkit-example-plugins-debuginfo redhat-upgrade-nbdkit-gzip-filter redhat-upgrade-nbdkit-gzip-filter-debuginfo redhat-upgrade-nbdkit-gzip-plugin redhat-upgrade-nbdkit-gzip-plugin-debuginfo redhat-upgrade-nbdkit-linuxdisk-plugin redhat-upgrade-nbdkit-linuxdisk-plugin-debuginfo redhat-upgrade-nbdkit-nbd-plugin redhat-upgrade-nbdkit-nbd-plugin-debuginfo redhat-upgrade-nbdkit-python-plugin redhat-upgrade-nbdkit-python-plugin-debuginfo redhat-upgrade-nbdkit-server redhat-upgrade-nbdkit-server-debuginfo redhat-upgrade-nbdkit-ssh-plugin redhat-upgrade-nbdkit-ssh-plugin-debuginfo redhat-upgrade-nbdkit-tar-filter redhat-upgrade-nbdkit-tar-filter-debuginfo redhat-upgrade-nbdkit-tar-plugin redhat-upgrade-nbdkit-tar-plugin-debuginfo redhat-upgrade-nbdkit-tmpdisk-plugin redhat-upgrade-nbdkit-tmpdisk-plugin-debuginfo redhat-upgrade-nbdkit-vddk-plugin redhat-upgrade-nbdkit-vddk-plugin-debuginfo redhat-upgrade-nbdkit-xz-filter redhat-upgrade-nbdkit-xz-filter-debuginfo redhat-upgrade-netcf redhat-upgrade-netcf-debuginfo redhat-upgrade-netcf-debugsource redhat-upgrade-netcf-devel redhat-upgrade-netcf-libs redhat-upgrade-netcf-libs-debuginfo redhat-upgrade-ocaml-hivex redhat-upgrade-ocaml-hivex-debuginfo redhat-upgrade-ocaml-hivex-devel redhat-upgrade-ocaml-libguestfs redhat-upgrade-ocaml-libguestfs-debuginfo redhat-upgrade-ocaml-libguestfs-devel redhat-upgrade-ocaml-libnbd redhat-upgrade-ocaml-libnbd-debuginfo redhat-upgrade-ocaml-libnbd-devel redhat-upgrade-perl-hivex redhat-upgrade-perl-hivex-debuginfo redhat-upgrade-perl-sys-guestfs redhat-upgrade-perl-sys-guestfs-debuginfo redhat-upgrade-perl-sys-virt redhat-upgrade-perl-sys-virt-debuginfo redhat-upgrade-perl-sys-virt-debugsource redhat-upgrade-python3-hivex redhat-upgrade-python3-hivex-debuginfo redhat-upgrade-python3-libguestfs redhat-upgrade-python3-libguestfs-debuginfo redhat-upgrade-python3-libnbd redhat-upgrade-python3-libnbd-debuginfo redhat-upgrade-python3-libvirt redhat-upgrade-python3-libvirt-debuginfo redhat-upgrade-qemu-guest-agent redhat-upgrade-qemu-guest-agent-debuginfo redhat-upgrade-qemu-img redhat-upgrade-qemu-img-debuginfo redhat-upgrade-qemu-kvm redhat-upgrade-qemu-kvm-audio-dbus-debuginfo redhat-upgrade-qemu-kvm-audio-pa redhat-upgrade-qemu-kvm-audio-pa-debuginfo redhat-upgrade-qemu-kvm-block-blkio redhat-upgrade-qemu-kvm-block-blkio-debuginfo redhat-upgrade-qemu-kvm-block-curl redhat-upgrade-qemu-kvm-block-curl-debuginfo redhat-upgrade-qemu-kvm-block-gluster redhat-upgrade-qemu-kvm-block-gluster-debuginfo redhat-upgrade-qemu-kvm-block-iscsi redhat-upgrade-qemu-kvm-block-iscsi-debuginfo redhat-upgrade-qemu-kvm-block-rbd redhat-upgrade-qemu-kvm-block-rbd-debuginfo redhat-upgrade-qemu-kvm-block-ssh redhat-upgrade-qemu-kvm-block-ssh-debuginfo redhat-upgrade-qemu-kvm-common redhat-upgrade-qemu-kvm-common-debuginfo redhat-upgrade-qemu-kvm-core redhat-upgrade-qemu-kvm-core-debuginfo redhat-upgrade-qemu-kvm-debuginfo redhat-upgrade-qemu-kvm-debugsource redhat-upgrade-qemu-kvm-device-display-virtio-gpu redhat-upgrade-qemu-kvm-device-display-virtio-gpu-ccw redhat-upgrade-qemu-kvm-device-display-virtio-gpu-ccw-debuginfo redhat-upgrade-qemu-kvm-device-display-virtio-gpu-debuginfo redhat-upgrade-qemu-kvm-device-display-virtio-gpu-pci redhat-upgrade-qemu-kvm-device-display-virtio-gpu-pci-debuginfo redhat-upgrade-qemu-kvm-device-display-virtio-vga redhat-upgrade-qemu-kvm-device-display-virtio-vga-debuginfo redhat-upgrade-qemu-kvm-device-usb-host redhat-upgrade-qemu-kvm-device-usb-host-debuginfo redhat-upgrade-qemu-kvm-device-usb-redirect redhat-upgrade-qemu-kvm-device-usb-redirect-debuginfo redhat-upgrade-qemu-kvm-docs redhat-upgrade-qemu-kvm-hw-usbredir redhat-upgrade-qemu-kvm-hw-usbredir-debuginfo redhat-upgrade-qemu-kvm-tests redhat-upgrade-qemu-kvm-tests-debuginfo redhat-upgrade-qemu-kvm-tools redhat-upgrade-qemu-kvm-tools-debuginfo redhat-upgrade-qemu-kvm-ui-dbus-debuginfo redhat-upgrade-qemu-kvm-ui-egl-headless redhat-upgrade-qemu-kvm-ui-egl-headless-debuginfo redhat-upgrade-qemu-kvm-ui-opengl redhat-upgrade-qemu-kvm-ui-opengl-debuginfo redhat-upgrade-qemu-kvm-ui-spice redhat-upgrade-qemu-kvm-ui-spice-debuginfo redhat-upgrade-qemu-pr-helper redhat-upgrade-qemu-pr-helper-debuginfo redhat-upgrade-ruby-hivex redhat-upgrade-ruby-hivex-debuginfo redhat-upgrade-ruby-libguestfs redhat-upgrade-ruby-libguestfs-debuginfo redhat-upgrade-seabios redhat-upgrade-seabios-bin redhat-upgrade-seavgabios-bin redhat-upgrade-sgabios redhat-upgrade-sgabios-bin redhat-upgrade-slof redhat-upgrade-supermin redhat-upgrade-supermin-debuginfo redhat-upgrade-supermin-debugsource redhat-upgrade-supermin-devel redhat-upgrade-swtpm redhat-upgrade-swtpm-debuginfo redhat-upgrade-swtpm-debugsource redhat-upgrade-swtpm-devel redhat-upgrade-swtpm-libs redhat-upgrade-swtpm-libs-debuginfo redhat-upgrade-swtpm-tools redhat-upgrade-swtpm-tools-debuginfo redhat-upgrade-swtpm-tools-pkcs11 redhat-upgrade-virt-dib redhat-upgrade-virt-dib-debuginfo redhat-upgrade-virt-v2v redhat-upgrade-virt-v2v-bash-completion redhat-upgrade-virt-v2v-debuginfo redhat-upgrade-virt-v2v-debugsource redhat-upgrade-virt-v2v-man-pages-ja redhat-upgrade-virt-v2v-man-pages-uk References CVE-2024-7409 RHSA-2024:6964 RHSA-2024:7408 RHSA-2024:9136 RHSA-2024:9912
-
Red Hat: CVE-2024-6472: libreoffice: bility to trust not validated macro signatures removed in high security mode (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 08/05/2024 Created 08/23/2024 Added 08/22/2024 Modified 09/13/2024 Description Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5. Solution(s) redhat-upgrade-autocorr-af redhat-upgrade-autocorr-bg redhat-upgrade-autocorr-ca redhat-upgrade-autocorr-cs redhat-upgrade-autocorr-da redhat-upgrade-autocorr-de redhat-upgrade-autocorr-dsb redhat-upgrade-autocorr-el redhat-upgrade-autocorr-en redhat-upgrade-autocorr-es redhat-upgrade-autocorr-fa redhat-upgrade-autocorr-fi redhat-upgrade-autocorr-fr redhat-upgrade-autocorr-ga redhat-upgrade-autocorr-hr redhat-upgrade-autocorr-hsb redhat-upgrade-autocorr-hu redhat-upgrade-autocorr-is redhat-upgrade-autocorr-it redhat-upgrade-autocorr-ja redhat-upgrade-autocorr-ko redhat-upgrade-autocorr-lb redhat-upgrade-autocorr-lt redhat-upgrade-autocorr-mn redhat-upgrade-autocorr-nl redhat-upgrade-autocorr-pl redhat-upgrade-autocorr-pt redhat-upgrade-autocorr-ro redhat-upgrade-autocorr-ru redhat-upgrade-autocorr-sk redhat-upgrade-autocorr-sl redhat-upgrade-autocorr-sr redhat-upgrade-autocorr-sv redhat-upgrade-autocorr-tr redhat-upgrade-autocorr-vi redhat-upgrade-autocorr-vro redhat-upgrade-autocorr-zh redhat-upgrade-libreoffice redhat-upgrade-libreoffice-base redhat-upgrade-libreoffice-base-debuginfo redhat-upgrade-libreoffice-calc redhat-upgrade-libreoffice-calc-debuginfo redhat-upgrade-libreoffice-core redhat-upgrade-libreoffice-core-debuginfo redhat-upgrade-libreoffice-data redhat-upgrade-libreoffice-debuginfo redhat-upgrade-libreoffice-debugsource redhat-upgrade-libreoffice-draw redhat-upgrade-libreoffice-emailmerge redhat-upgrade-libreoffice-filters redhat-upgrade-libreoffice-gdb-debug-support redhat-upgrade-libreoffice-glade-debuginfo redhat-upgrade-libreoffice-graphicfilter redhat-upgrade-libreoffice-graphicfilter-debuginfo redhat-upgrade-libreoffice-gtk3 redhat-upgrade-libreoffice-gtk3-debuginfo redhat-upgrade-libreoffice-help-ar redhat-upgrade-libreoffice-help-bg redhat-upgrade-libreoffice-help-bn redhat-upgrade-libreoffice-help-ca redhat-upgrade-libreoffice-help-cs redhat-upgrade-libreoffice-help-da redhat-upgrade-libreoffice-help-de redhat-upgrade-libreoffice-help-dz redhat-upgrade-libreoffice-help-el redhat-upgrade-libreoffice-help-en redhat-upgrade-libreoffice-help-eo redhat-upgrade-libreoffice-help-es redhat-upgrade-libreoffice-help-et redhat-upgrade-libreoffice-help-eu redhat-upgrade-libreoffice-help-fi redhat-upgrade-libreoffice-help-fr redhat-upgrade-libreoffice-help-gl redhat-upgrade-libreoffice-help-gu redhat-upgrade-libreoffice-help-he redhat-upgrade-libreoffice-help-hi redhat-upgrade-libreoffice-help-hr redhat-upgrade-libreoffice-help-hu redhat-upgrade-libreoffice-help-id redhat-upgrade-libreoffice-help-it redhat-upgrade-libreoffice-help-ja redhat-upgrade-libreoffice-help-ko redhat-upgrade-libreoffice-help-lt redhat-upgrade-libreoffice-help-lv redhat-upgrade-libreoffice-help-nb redhat-upgrade-libreoffice-help-nl redhat-upgrade-libreoffice-help-nn redhat-upgrade-libreoffice-help-pl redhat-upgrade-libreoffice-help-pt-br redhat-upgrade-libreoffice-help-pt-pt redhat-upgrade-libreoffice-help-ro redhat-upgrade-libreoffice-help-ru redhat-upgrade-libreoffice-help-si redhat-upgrade-libreoffice-help-sk redhat-upgrade-libreoffice-help-sl redhat-upgrade-libreoffice-help-sv redhat-upgrade-libreoffice-help-ta redhat-upgrade-libreoffice-help-tr redhat-upgrade-libreoffice-help-uk redhat-upgrade-libreoffice-help-zh-hans redhat-upgrade-libreoffice-help-zh-hant redhat-upgrade-libreoffice-impress redhat-upgrade-libreoffice-impress-debuginfo redhat-upgrade-libreoffice-langpack-af redhat-upgrade-libreoffice-langpack-ar redhat-upgrade-libreoffice-langpack-as redhat-upgrade-libreoffice-langpack-bg redhat-upgrade-libreoffice-langpack-bn redhat-upgrade-libreoffice-langpack-br redhat-upgrade-libreoffice-langpack-ca redhat-upgrade-libreoffice-langpack-cs redhat-upgrade-libreoffice-langpack-cy redhat-upgrade-libreoffice-langpack-da redhat-upgrade-libreoffice-langpack-de redhat-upgrade-libreoffice-langpack-dz redhat-upgrade-libreoffice-langpack-el redhat-upgrade-libreoffice-langpack-en redhat-upgrade-libreoffice-langpack-eo redhat-upgrade-libreoffice-langpack-es redhat-upgrade-libreoffice-langpack-et redhat-upgrade-libreoffice-langpack-eu redhat-upgrade-libreoffice-langpack-fa redhat-upgrade-libreoffice-langpack-fi redhat-upgrade-libreoffice-langpack-fr redhat-upgrade-libreoffice-langpack-fy redhat-upgrade-libreoffice-langpack-ga redhat-upgrade-libreoffice-langpack-gl redhat-upgrade-libreoffice-langpack-gu redhat-upgrade-libreoffice-langpack-he redhat-upgrade-libreoffice-langpack-hi redhat-upgrade-libreoffice-langpack-hr redhat-upgrade-libreoffice-langpack-hu redhat-upgrade-libreoffice-langpack-id redhat-upgrade-libreoffice-langpack-it redhat-upgrade-libreoffice-langpack-ja redhat-upgrade-libreoffice-langpack-kk redhat-upgrade-libreoffice-langpack-kn redhat-upgrade-libreoffice-langpack-ko redhat-upgrade-libreoffice-langpack-lt redhat-upgrade-libreoffice-langpack-lv redhat-upgrade-libreoffice-langpack-mai redhat-upgrade-libreoffice-langpack-ml redhat-upgrade-libreoffice-langpack-mr redhat-upgrade-libreoffice-langpack-nb redhat-upgrade-libreoffice-langpack-nl redhat-upgrade-libreoffice-langpack-nn redhat-upgrade-libreoffice-langpack-nr redhat-upgrade-libreoffice-langpack-nso redhat-upgrade-libreoffice-langpack-or redhat-upgrade-libreoffice-langpack-pa redhat-upgrade-libreoffice-langpack-pl redhat-upgrade-libreoffice-langpack-pt-br redhat-upgrade-libreoffice-langpack-pt-pt redhat-upgrade-libreoffice-langpack-ro redhat-upgrade-libreoffice-langpack-ru redhat-upgrade-libreoffice-langpack-si redhat-upgrade-libreoffice-langpack-sk redhat-upgrade-libreoffice-langpack-sl redhat-upgrade-libreoffice-langpack-sr redhat-upgrade-libreoffice-langpack-ss redhat-upgrade-libreoffice-langpack-st redhat-upgrade-libreoffice-langpack-sv redhat-upgrade-libreoffice-langpack-ta redhat-upgrade-libreoffice-langpack-te redhat-upgrade-libreoffice-langpack-th redhat-upgrade-libreoffice-langpack-tn redhat-upgrade-libreoffice-langpack-tr redhat-upgrade-libreoffice-langpack-ts redhat-upgrade-libreoffice-langpack-uk redhat-upgrade-libreoffice-langpack-ve redhat-upgrade-libreoffice-langpack-xh redhat-upgrade-libreoffice-langpack-zh-hans redhat-upgrade-libreoffice-langpack-zh-hant redhat-upgrade-libreoffice-langpack-zu redhat-upgrade-libreoffice-math redhat-upgrade-libreoffice-officebean-debuginfo redhat-upgrade-libreoffice-ogltrans redhat-upgrade-libreoffice-ogltrans-debuginfo redhat-upgrade-libreoffice-opensymbol-fonts redhat-upgrade-libreoffice-pdfimport redhat-upgrade-libreoffice-pdfimport-debuginfo redhat-upgrade-libreoffice-postgresql-debuginfo redhat-upgrade-libreoffice-pyuno redhat-upgrade-libreoffice-pyuno-debuginfo redhat-upgrade-libreoffice-sdk redhat-upgrade-libreoffice-sdk-debuginfo redhat-upgrade-libreoffice-sdk-doc redhat-upgrade-libreoffice-ure redhat-upgrade-libreoffice-ure-common redhat-upgrade-libreoffice-ure-debuginfo redhat-upgrade-libreoffice-wiki-publisher redhat-upgrade-libreoffice-writer redhat-upgrade-libreoffice-writer-debuginfo redhat-upgrade-libreoffice-x11 redhat-upgrade-libreoffice-x11-debuginfo redhat-upgrade-libreoffice-xsltfilter redhat-upgrade-libreofficekit redhat-upgrade-libreofficekit-debuginfo References CVE-2024-6472 RHSA-2024:5583 RHSA-2024:5598 RHSA-2024:5607 RHSA-2024:5608
-
Ivanti Virtual Traffic Manager Authentication Bypass (CVE-2024-7593) Disclosed 08/05/2024 Created 08/27/2024 Description This module exploits an access control issue in Ivanti Virtual Traffic Manager (vTM), by adding a new administrative user to the web interface of the application. Affected versions include 22.7R1, 22.6R1, 22.5R1, 22.3R2, 22.3, 22.2. Author(s) Michael Heinzl ohnoisploited mxalias Development Source Code History
-
Alma Linux: CVE-2024-7409: Moderate: virt:rhel and virt-devel:rhel security update (Multiple Advisories) Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/05/2024 Created 09/27/2024 Added 09/26/2024 Modified 11/19/2024 Description A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline. Solution(s) alma-upgrade-hivex alma-upgrade-hivex-devel alma-upgrade-libguestfs alma-upgrade-libguestfs-appliance alma-upgrade-libguestfs-bash-completion alma-upgrade-libguestfs-devel alma-upgrade-libguestfs-gfs2 alma-upgrade-libguestfs-gobject alma-upgrade-libguestfs-gobject-devel alma-upgrade-libguestfs-inspect-icons alma-upgrade-libguestfs-java alma-upgrade-libguestfs-java-devel alma-upgrade-libguestfs-javadoc alma-upgrade-libguestfs-man-pages-ja alma-upgrade-libguestfs-man-pages-uk alma-upgrade-libguestfs-rescue alma-upgrade-libguestfs-rsync alma-upgrade-libguestfs-tools alma-upgrade-libguestfs-tools-c alma-upgrade-libguestfs-winsupport alma-upgrade-libguestfs-xfs alma-upgrade-libiscsi alma-upgrade-libiscsi-devel alma-upgrade-libiscsi-utils alma-upgrade-libnbd alma-upgrade-libnbd-bash-completion alma-upgrade-libnbd-devel alma-upgrade-libtpms alma-upgrade-libtpms-devel alma-upgrade-libvirt alma-upgrade-libvirt-client alma-upgrade-libvirt-daemon alma-upgrade-libvirt-daemon-config-network alma-upgrade-libvirt-daemon-config-nwfilter alma-upgrade-libvirt-daemon-driver-interface alma-upgrade-libvirt-daemon-driver-network alma-upgrade-libvirt-daemon-driver-nodedev alma-upgrade-libvirt-daemon-driver-nwfilter alma-upgrade-libvirt-daemon-driver-qemu alma-upgrade-libvirt-daemon-driver-secret alma-upgrade-libvirt-daemon-driver-storage alma-upgrade-libvirt-daemon-driver-storage-core alma-upgrade-libvirt-daemon-driver-storage-disk alma-upgrade-libvirt-daemon-driver-storage-gluster alma-upgrade-libvirt-daemon-driver-storage-iscsi alma-upgrade-libvirt-daemon-driver-storage-iscsi-direct alma-upgrade-libvirt-daemon-driver-storage-logical alma-upgrade-libvirt-daemon-driver-storage-mpath alma-upgrade-libvirt-daemon-driver-storage-rbd alma-upgrade-libvirt-daemon-driver-storage-scsi alma-upgrade-libvirt-daemon-kvm alma-upgrade-libvirt-dbus alma-upgrade-libvirt-devel alma-upgrade-libvirt-docs alma-upgrade-libvirt-libs alma-upgrade-libvirt-lock-sanlock alma-upgrade-libvirt-nss alma-upgrade-libvirt-wireshark alma-upgrade-lua-guestfs alma-upgrade-nbdfuse alma-upgrade-nbdkit alma-upgrade-nbdkit-bash-completion alma-upgrade-nbdkit-basic-filters alma-upgrade-nbdkit-basic-plugins alma-upgrade-nbdkit-curl-plugin alma-upgrade-nbdkit-devel alma-upgrade-nbdkit-example-plugins alma-upgrade-nbdkit-gzip-filter alma-upgrade-nbdkit-gzip-plugin alma-upgrade-nbdkit-linuxdisk-plugin alma-upgrade-nbdkit-nbd-plugin alma-upgrade-nbdkit-python-plugin alma-upgrade-nbdkit-server alma-upgrade-nbdkit-ssh-plugin alma-upgrade-nbdkit-tar-filter alma-upgrade-nbdkit-tar-plugin alma-upgrade-nbdkit-tmpdisk-plugin alma-upgrade-nbdkit-vddk-plugin alma-upgrade-nbdkit-xz-filter alma-upgrade-netcf alma-upgrade-netcf-devel alma-upgrade-netcf-libs alma-upgrade-ocaml-hivex alma-upgrade-ocaml-hivex-devel alma-upgrade-ocaml-libguestfs alma-upgrade-ocaml-libguestfs-devel alma-upgrade-ocaml-libnbd alma-upgrade-ocaml-libnbd-devel alma-upgrade-perl-hivex alma-upgrade-perl-sys-guestfs alma-upgrade-perl-sys-virt alma-upgrade-python3-hivex alma-upgrade-python3-libguestfs alma-upgrade-python3-libnbd alma-upgrade-python3-libvirt alma-upgrade-qemu-guest-agent alma-upgrade-qemu-img alma-upgrade-qemu-kvm alma-upgrade-qemu-kvm-audio-pa alma-upgrade-qemu-kvm-block-blkio alma-upgrade-qemu-kvm-block-curl alma-upgrade-qemu-kvm-block-gluster alma-upgrade-qemu-kvm-block-iscsi alma-upgrade-qemu-kvm-block-rbd alma-upgrade-qemu-kvm-block-ssh alma-upgrade-qemu-kvm-common alma-upgrade-qemu-kvm-core alma-upgrade-qemu-kvm-device-display-virtio-gpu alma-upgrade-qemu-kvm-device-display-virtio-gpu-ccw alma-upgrade-qemu-kvm-device-display-virtio-gpu-pci alma-upgrade-qemu-kvm-device-display-virtio-vga alma-upgrade-qemu-kvm-device-usb-host alma-upgrade-qemu-kvm-device-usb-redirect alma-upgrade-qemu-kvm-docs alma-upgrade-qemu-kvm-hw-usbredir alma-upgrade-qemu-kvm-tests alma-upgrade-qemu-kvm-tools alma-upgrade-qemu-kvm-ui-egl-headless alma-upgrade-qemu-kvm-ui-opengl alma-upgrade-qemu-kvm-ui-spice alma-upgrade-qemu-pr-helper alma-upgrade-ruby-hivex alma-upgrade-ruby-libguestfs alma-upgrade-seabios alma-upgrade-seabios-bin alma-upgrade-seavgabios-bin alma-upgrade-sgabios alma-upgrade-sgabios-bin alma-upgrade-slof alma-upgrade-supermin alma-upgrade-supermin-devel alma-upgrade-swtpm alma-upgrade-swtpm-devel alma-upgrade-swtpm-libs alma-upgrade-swtpm-tools alma-upgrade-swtpm-tools-pkcs11 alma-upgrade-virt-dib alma-upgrade-virt-v2v alma-upgrade-virt-v2v-bash-completion alma-upgrade-virt-v2v-man-pages-ja alma-upgrade-virt-v2v-man-pages-uk References https://attackerkb.com/topics/cve-2024-7409 CVE - 2024-7409 https://errata.almalinux.org/8/ALSA-2024-6964.html https://errata.almalinux.org/9/ALSA-2024-9136.html
-
Red Hat OpenShift: CVE-2024-7409: QEMU: Denial of Service via Improper Synchronization in QEMU NBD Server During Socket Closure Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/05/2024 Created 09/27/2024 Added 09/26/2024 Modified 12/13/2024 Description A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline. Solution(s) linuxrpm-upgrade-rhcos References https://attackerkb.com/topics/cve-2024-7409 CVE - 2024-7409 RHSA-2024:10518 RHSA-2024:10528 RHSA-2024:10813 RHSA-2024:6811 RHSA-2024:6818 RHSA-2024:6964 RHSA-2024:7408 RHSA-2024:8991 RHSA-2024:9136 RHSA-2024:9620 RHSA-2024:9912 View more
-
Debian: CVE-2024-6472: libreoffice -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/05/2024 Created 08/08/2024 Added 08/07/2024 Modified 08/07/2024 Description Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5. Solution(s) debian-upgrade-libreoffice References https://attackerkb.com/topics/cve-2024-6472 CVE - 2024-6472 DSA-5737-1
-
Red Hat: CVE-2024-7383: libnbd: NBD server improper certificate validation (Multiple Advisories) Severity 7 CVSS (AV:N/AC:H/Au:N/C:C/I:C/A:N) Published 08/05/2024 Created 09/20/2024 Added 09/19/2024 Modified 09/25/2024 Description A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic. Solution(s) redhat-upgrade-hivex redhat-upgrade-hivex-debuginfo redhat-upgrade-hivex-debugsource redhat-upgrade-hivex-devel redhat-upgrade-libguestfs redhat-upgrade-libguestfs-appliance redhat-upgrade-libguestfs-bash-completion redhat-upgrade-libguestfs-debuginfo redhat-upgrade-libguestfs-debugsource redhat-upgrade-libguestfs-devel redhat-upgrade-libguestfs-gfs2 redhat-upgrade-libguestfs-gobject redhat-upgrade-libguestfs-gobject-debuginfo redhat-upgrade-libguestfs-gobject-devel redhat-upgrade-libguestfs-inspect-icons redhat-upgrade-libguestfs-java redhat-upgrade-libguestfs-java-debuginfo redhat-upgrade-libguestfs-java-devel redhat-upgrade-libguestfs-javadoc redhat-upgrade-libguestfs-man-pages-ja redhat-upgrade-libguestfs-man-pages-uk redhat-upgrade-libguestfs-rescue redhat-upgrade-libguestfs-rsync redhat-upgrade-libguestfs-tools redhat-upgrade-libguestfs-tools-c redhat-upgrade-libguestfs-tools-c-debuginfo redhat-upgrade-libguestfs-winsupport redhat-upgrade-libguestfs-xfs redhat-upgrade-libiscsi redhat-upgrade-libiscsi-debuginfo redhat-upgrade-libiscsi-debugsource redhat-upgrade-libiscsi-devel redhat-upgrade-libiscsi-utils redhat-upgrade-libiscsi-utils-debuginfo redhat-upgrade-libnbd redhat-upgrade-libnbd-bash-completion redhat-upgrade-libnbd-debuginfo redhat-upgrade-libnbd-debugsource redhat-upgrade-libnbd-devel redhat-upgrade-libtpms redhat-upgrade-libtpms-debuginfo redhat-upgrade-libtpms-debugsource redhat-upgrade-libtpms-devel redhat-upgrade-libvirt redhat-upgrade-libvirt-client redhat-upgrade-libvirt-client-debuginfo redhat-upgrade-libvirt-daemon redhat-upgrade-libvirt-daemon-config-network redhat-upgrade-libvirt-daemon-config-nwfilter redhat-upgrade-libvirt-daemon-debuginfo redhat-upgrade-libvirt-daemon-driver-interface redhat-upgrade-libvirt-daemon-driver-interface-debuginfo redhat-upgrade-libvirt-daemon-driver-network redhat-upgrade-libvirt-daemon-driver-network-debuginfo redhat-upgrade-libvirt-daemon-driver-nodedev redhat-upgrade-libvirt-daemon-driver-nodedev-debuginfo redhat-upgrade-libvirt-daemon-driver-nwfilter redhat-upgrade-libvirt-daemon-driver-nwfilter-debuginfo redhat-upgrade-libvirt-daemon-driver-qemu redhat-upgrade-libvirt-daemon-driver-qemu-debuginfo redhat-upgrade-libvirt-daemon-driver-secret redhat-upgrade-libvirt-daemon-driver-secret-debuginfo redhat-upgrade-libvirt-daemon-driver-storage redhat-upgrade-libvirt-daemon-driver-storage-core redhat-upgrade-libvirt-daemon-driver-storage-core-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-disk redhat-upgrade-libvirt-daemon-driver-storage-disk-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-gluster redhat-upgrade-libvirt-daemon-driver-storage-gluster-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-iscsi redhat-upgrade-libvirt-daemon-driver-storage-iscsi-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-iscsi-direct redhat-upgrade-libvirt-daemon-driver-storage-iscsi-direct-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-logical redhat-upgrade-libvirt-daemon-driver-storage-logical-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-mpath redhat-upgrade-libvirt-daemon-driver-storage-mpath-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-rbd redhat-upgrade-libvirt-daemon-driver-storage-rbd-debuginfo redhat-upgrade-libvirt-daemon-driver-storage-scsi redhat-upgrade-libvirt-daemon-driver-storage-scsi-debuginfo redhat-upgrade-libvirt-daemon-kvm redhat-upgrade-libvirt-dbus redhat-upgrade-libvirt-dbus-debuginfo redhat-upgrade-libvirt-dbus-debugsource redhat-upgrade-libvirt-debuginfo redhat-upgrade-libvirt-debugsource redhat-upgrade-libvirt-devel redhat-upgrade-libvirt-docs redhat-upgrade-libvirt-libs redhat-upgrade-libvirt-libs-debuginfo redhat-upgrade-libvirt-lock-sanlock redhat-upgrade-libvirt-lock-sanlock-debuginfo redhat-upgrade-libvirt-nss redhat-upgrade-libvirt-nss-debuginfo redhat-upgrade-libvirt-python-debugsource redhat-upgrade-libvirt-wireshark redhat-upgrade-libvirt-wireshark-debuginfo redhat-upgrade-lua-guestfs redhat-upgrade-lua-guestfs-debuginfo redhat-upgrade-nbdfuse redhat-upgrade-nbdfuse-debuginfo redhat-upgrade-nbdkit redhat-upgrade-nbdkit-bash-completion redhat-upgrade-nbdkit-basic-filters redhat-upgrade-nbdkit-basic-filters-debuginfo redhat-upgrade-nbdkit-basic-plugins redhat-upgrade-nbdkit-basic-plugins-debuginfo redhat-upgrade-nbdkit-curl-plugin redhat-upgrade-nbdkit-curl-plugin-debuginfo redhat-upgrade-nbdkit-debuginfo redhat-upgrade-nbdkit-debugsource redhat-upgrade-nbdkit-devel redhat-upgrade-nbdkit-example-plugins redhat-upgrade-nbdkit-example-plugins-debuginfo redhat-upgrade-nbdkit-gzip-filter redhat-upgrade-nbdkit-gzip-filter-debuginfo redhat-upgrade-nbdkit-gzip-plugin redhat-upgrade-nbdkit-gzip-plugin-debuginfo redhat-upgrade-nbdkit-linuxdisk-plugin redhat-upgrade-nbdkit-linuxdisk-plugin-debuginfo redhat-upgrade-nbdkit-nbd-plugin redhat-upgrade-nbdkit-nbd-plugin-debuginfo redhat-upgrade-nbdkit-python-plugin redhat-upgrade-nbdkit-python-plugin-debuginfo redhat-upgrade-nbdkit-server redhat-upgrade-nbdkit-server-debuginfo redhat-upgrade-nbdkit-ssh-plugin redhat-upgrade-nbdkit-ssh-plugin-debuginfo redhat-upgrade-nbdkit-tar-filter redhat-upgrade-nbdkit-tar-filter-debuginfo redhat-upgrade-nbdkit-tar-plugin redhat-upgrade-nbdkit-tar-plugin-debuginfo redhat-upgrade-nbdkit-tmpdisk-plugin redhat-upgrade-nbdkit-tmpdisk-plugin-debuginfo redhat-upgrade-nbdkit-vddk-plugin redhat-upgrade-nbdkit-vddk-plugin-debuginfo redhat-upgrade-nbdkit-xz-filter redhat-upgrade-nbdkit-xz-filter-debuginfo redhat-upgrade-netcf redhat-upgrade-netcf-debuginfo redhat-upgrade-netcf-debugsource redhat-upgrade-netcf-devel redhat-upgrade-netcf-libs redhat-upgrade-netcf-libs-debuginfo redhat-upgrade-ocaml-hivex redhat-upgrade-ocaml-hivex-debuginfo redhat-upgrade-ocaml-hivex-devel redhat-upgrade-ocaml-libguestfs redhat-upgrade-ocaml-libguestfs-debuginfo redhat-upgrade-ocaml-libguestfs-devel redhat-upgrade-ocaml-libnbd redhat-upgrade-ocaml-libnbd-debuginfo redhat-upgrade-ocaml-libnbd-devel redhat-upgrade-perl-hivex redhat-upgrade-perl-hivex-debuginfo redhat-upgrade-perl-sys-guestfs redhat-upgrade-perl-sys-guestfs-debuginfo redhat-upgrade-perl-sys-virt redhat-upgrade-perl-sys-virt-debuginfo redhat-upgrade-perl-sys-virt-debugsource redhat-upgrade-python3-hivex redhat-upgrade-python3-hivex-debuginfo redhat-upgrade-python3-libguestfs redhat-upgrade-python3-libguestfs-debuginfo redhat-upgrade-python3-libnbd redhat-upgrade-python3-libnbd-debuginfo redhat-upgrade-python3-libvirt redhat-upgrade-python3-libvirt-debuginfo redhat-upgrade-qemu-guest-agent redhat-upgrade-qemu-guest-agent-debuginfo redhat-upgrade-qemu-img redhat-upgrade-qemu-img-debuginfo redhat-upgrade-qemu-kvm redhat-upgrade-qemu-kvm-block-curl redhat-upgrade-qemu-kvm-block-curl-debuginfo redhat-upgrade-qemu-kvm-block-gluster redhat-upgrade-qemu-kvm-block-gluster-debuginfo redhat-upgrade-qemu-kvm-block-iscsi redhat-upgrade-qemu-kvm-block-iscsi-debuginfo redhat-upgrade-qemu-kvm-block-rbd redhat-upgrade-qemu-kvm-block-rbd-debuginfo redhat-upgrade-qemu-kvm-block-ssh redhat-upgrade-qemu-kvm-block-ssh-debuginfo redhat-upgrade-qemu-kvm-common redhat-upgrade-qemu-kvm-common-debuginfo redhat-upgrade-qemu-kvm-core redhat-upgrade-qemu-kvm-core-debuginfo redhat-upgrade-qemu-kvm-debuginfo redhat-upgrade-qemu-kvm-debugsource redhat-upgrade-qemu-kvm-docs redhat-upgrade-qemu-kvm-hw-usbredir redhat-upgrade-qemu-kvm-hw-usbredir-debuginfo redhat-upgrade-qemu-kvm-tests redhat-upgrade-qemu-kvm-ui-opengl redhat-upgrade-qemu-kvm-ui-opengl-debuginfo redhat-upgrade-qemu-kvm-ui-spice redhat-upgrade-qemu-kvm-ui-spice-debuginfo redhat-upgrade-ruby-hivex redhat-upgrade-ruby-hivex-debuginfo redhat-upgrade-ruby-libguestfs redhat-upgrade-ruby-libguestfs-debuginfo redhat-upgrade-seabios redhat-upgrade-seabios-bin redhat-upgrade-seavgabios-bin redhat-upgrade-sgabios redhat-upgrade-sgabios-bin redhat-upgrade-slof redhat-upgrade-supermin redhat-upgrade-supermin-debuginfo redhat-upgrade-supermin-debugsource redhat-upgrade-supermin-devel redhat-upgrade-swtpm redhat-upgrade-swtpm-debuginfo redhat-upgrade-swtpm-debugsource redhat-upgrade-swtpm-devel redhat-upgrade-swtpm-libs redhat-upgrade-swtpm-libs-debuginfo redhat-upgrade-swtpm-tools redhat-upgrade-swtpm-tools-debuginfo redhat-upgrade-swtpm-tools-pkcs11 redhat-upgrade-virt-dib redhat-upgrade-virt-dib-debuginfo redhat-upgrade-virt-v2v redhat-upgrade-virt-v2v-bash-completion redhat-upgrade-virt-v2v-debuginfo redhat-upgrade-virt-v2v-debugsource redhat-upgrade-virt-v2v-man-pages-ja redhat-upgrade-virt-v2v-man-pages-uk References CVE-2024-7383 RHSA-2024:6757 RHSA-2024:6964
-
Oracle Linux: CVE-2024-6472: ELSA-2024-5598:libreoffice security update (MODERATE) (Multiple Advisories) Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 08/05/2024 Created 10/18/2024 Added 10/16/2024 Modified 01/23/2025 Description Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed. Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway. This issue affects LibreOffice: from 24.2 before 24.2.5. A vulnerability was found in versions of LibreOffice from 24.2 to before 24.2.5. When a document containing a signed macro fails verification, LibreOffice will display a warning which the user can choose to ignore the failure and enable the macro anyways. Solution(s) oracle-linux-upgrade-autocorr-af oracle-linux-upgrade-autocorr-bg oracle-linux-upgrade-autocorr-ca oracle-linux-upgrade-autocorr-cs oracle-linux-upgrade-autocorr-da oracle-linux-upgrade-autocorr-de oracle-linux-upgrade-autocorr-dsb oracle-linux-upgrade-autocorr-el oracle-linux-upgrade-autocorr-en oracle-linux-upgrade-autocorr-es oracle-linux-upgrade-autocorr-fa oracle-linux-upgrade-autocorr-fi oracle-linux-upgrade-autocorr-fr oracle-linux-upgrade-autocorr-ga oracle-linux-upgrade-autocorr-hr oracle-linux-upgrade-autocorr-hsb oracle-linux-upgrade-autocorr-hu oracle-linux-upgrade-autocorr-is oracle-linux-upgrade-autocorr-it oracle-linux-upgrade-autocorr-ja oracle-linux-upgrade-autocorr-ko oracle-linux-upgrade-autocorr-lb oracle-linux-upgrade-autocorr-lt oracle-linux-upgrade-autocorr-mn oracle-linux-upgrade-autocorr-nl oracle-linux-upgrade-autocorr-pl oracle-linux-upgrade-autocorr-pt oracle-linux-upgrade-autocorr-ro oracle-linux-upgrade-autocorr-ru oracle-linux-upgrade-autocorr-sk oracle-linux-upgrade-autocorr-sl oracle-linux-upgrade-autocorr-sr oracle-linux-upgrade-autocorr-sv oracle-linux-upgrade-autocorr-tr oracle-linux-upgrade-autocorr-vi oracle-linux-upgrade-autocorr-vro oracle-linux-upgrade-autocorr-zh oracle-linux-upgrade-libreoffice oracle-linux-upgrade-libreoffice-base oracle-linux-upgrade-libreoffice-calc oracle-linux-upgrade-libreoffice-core oracle-linux-upgrade-libreoffice-data oracle-linux-upgrade-libreoffice-draw oracle-linux-upgrade-libreoffice-emailmerge oracle-linux-upgrade-libreoffice-filters oracle-linux-upgrade-libreoffice-gdb-debug-support oracle-linux-upgrade-libreoffice-graphicfilter oracle-linux-upgrade-libreoffice-gtk3 oracle-linux-upgrade-libreoffice-help-ar oracle-linux-upgrade-libreoffice-help-bg oracle-linux-upgrade-libreoffice-help-bn oracle-linux-upgrade-libreoffice-help-ca oracle-linux-upgrade-libreoffice-help-cs oracle-linux-upgrade-libreoffice-help-da oracle-linux-upgrade-libreoffice-help-de oracle-linux-upgrade-libreoffice-help-dz oracle-linux-upgrade-libreoffice-help-el oracle-linux-upgrade-libreoffice-help-en oracle-linux-upgrade-libreoffice-help-eo oracle-linux-upgrade-libreoffice-help-es oracle-linux-upgrade-libreoffice-help-et oracle-linux-upgrade-libreoffice-help-eu oracle-linux-upgrade-libreoffice-help-fi oracle-linux-upgrade-libreoffice-help-fr oracle-linux-upgrade-libreoffice-help-gl oracle-linux-upgrade-libreoffice-help-gu oracle-linux-upgrade-libreoffice-help-he oracle-linux-upgrade-libreoffice-help-hi oracle-linux-upgrade-libreoffice-help-hr oracle-linux-upgrade-libreoffice-help-hu oracle-linux-upgrade-libreoffice-help-id oracle-linux-upgrade-libreoffice-help-it oracle-linux-upgrade-libreoffice-help-ja oracle-linux-upgrade-libreoffice-help-ko oracle-linux-upgrade-libreoffice-help-lt oracle-linux-upgrade-libreoffice-help-lv oracle-linux-upgrade-libreoffice-help-nb oracle-linux-upgrade-libreoffice-help-nl oracle-linux-upgrade-libreoffice-help-nn oracle-linux-upgrade-libreoffice-help-pl oracle-linux-upgrade-libreoffice-help-pt-br oracle-linux-upgrade-libreoffice-help-pt-pt oracle-linux-upgrade-libreoffice-help-ro oracle-linux-upgrade-libreoffice-help-ru oracle-linux-upgrade-libreoffice-help-si oracle-linux-upgrade-libreoffice-help-sk oracle-linux-upgrade-libreoffice-help-sl oracle-linux-upgrade-libreoffice-help-sv oracle-linux-upgrade-libreoffice-help-ta oracle-linux-upgrade-libreoffice-help-tr oracle-linux-upgrade-libreoffice-help-uk oracle-linux-upgrade-libreoffice-help-zh-hans oracle-linux-upgrade-libreoffice-help-zh-hant oracle-linux-upgrade-libreoffice-impress oracle-linux-upgrade-libreofficekit oracle-linux-upgrade-libreoffice-langpack-af oracle-linux-upgrade-libreoffice-langpack-ar oracle-linux-upgrade-libreoffice-langpack-as oracle-linux-upgrade-libreoffice-langpack-bg oracle-linux-upgrade-libreoffice-langpack-bn oracle-linux-upgrade-libreoffice-langpack-br oracle-linux-upgrade-libreoffice-langpack-ca oracle-linux-upgrade-libreoffice-langpack-cs oracle-linux-upgrade-libreoffice-langpack-cy oracle-linux-upgrade-libreoffice-langpack-da oracle-linux-upgrade-libreoffice-langpack-de oracle-linux-upgrade-libreoffice-langpack-dz oracle-linux-upgrade-libreoffice-langpack-el oracle-linux-upgrade-libreoffice-langpack-en oracle-linux-upgrade-libreoffice-langpack-eo oracle-linux-upgrade-libreoffice-langpack-es oracle-linux-upgrade-libreoffice-langpack-et oracle-linux-upgrade-libreoffice-langpack-eu oracle-linux-upgrade-libreoffice-langpack-fa oracle-linux-upgrade-libreoffice-langpack-fi oracle-linux-upgrade-libreoffice-langpack-fr oracle-linux-upgrade-libreoffice-langpack-fy oracle-linux-upgrade-libreoffice-langpack-ga oracle-linux-upgrade-libreoffice-langpack-gl oracle-linux-upgrade-libreoffice-langpack-gu oracle-linux-upgrade-libreoffice-langpack-he oracle-linux-upgrade-libreoffice-langpack-hi oracle-linux-upgrade-libreoffice-langpack-hr oracle-linux-upgrade-libreoffice-langpack-hu oracle-linux-upgrade-libreoffice-langpack-id oracle-linux-upgrade-libreoffice-langpack-it oracle-linux-upgrade-libreoffice-langpack-ja oracle-linux-upgrade-libreoffice-langpack-kk oracle-linux-upgrade-libreoffice-langpack-kn oracle-linux-upgrade-libreoffice-langpack-ko oracle-linux-upgrade-libreoffice-langpack-lt oracle-linux-upgrade-libreoffice-langpack-lv oracle-linux-upgrade-libreoffice-langpack-mai oracle-linux-upgrade-libreoffice-langpack-ml oracle-linux-upgrade-libreoffice-langpack-mr oracle-linux-upgrade-libreoffice-langpack-nb oracle-linux-upgrade-libreoffice-langpack-nl oracle-linux-upgrade-libreoffice-langpack-nn oracle-linux-upgrade-libreoffice-langpack-nr oracle-linux-upgrade-libreoffice-langpack-nso oracle-linux-upgrade-libreoffice-langpack-or oracle-linux-upgrade-libreoffice-langpack-pa oracle-linux-upgrade-libreoffice-langpack-pl oracle-linux-upgrade-libreoffice-langpack-pt-br oracle-linux-upgrade-libreoffice-langpack-pt-pt oracle-linux-upgrade-libreoffice-langpack-ro oracle-linux-upgrade-libreoffice-langpack-ru oracle-linux-upgrade-libreoffice-langpack-si oracle-linux-upgrade-libreoffice-langpack-sk oracle-linux-upgrade-libreoffice-langpack-sl oracle-linux-upgrade-libreoffice-langpack-sr oracle-linux-upgrade-libreoffice-langpack-ss oracle-linux-upgrade-libreoffice-langpack-st oracle-linux-upgrade-libreoffice-langpack-sv oracle-linux-upgrade-libreoffice-langpack-ta oracle-linux-upgrade-libreoffice-langpack-te oracle-linux-upgrade-libreoffice-langpack-th oracle-linux-upgrade-libreoffice-langpack-tn oracle-linux-upgrade-libreoffice-langpack-tr oracle-linux-upgrade-libreoffice-langpack-ts oracle-linux-upgrade-libreoffice-langpack-uk oracle-linux-upgrade-libreoffice-langpack-ve oracle-linux-upgrade-libreoffice-langpack-xh oracle-linux-upgrade-libreoffice-langpack-zh-hans oracle-linux-upgrade-libreoffice-langpack-zh-hant oracle-linux-upgrade-libreoffice-langpack-zu oracle-linux-upgrade-libreoffice-math oracle-linux-upgrade-libreoffice-ogltrans oracle-linux-upgrade-libreoffice-opensymbol-fonts oracle-linux-upgrade-libreoffice-pdfimport oracle-linux-upgrade-libreoffice-pyuno oracle-linux-upgrade-libreoffice-sdk oracle-linux-upgrade-libreoffice-sdk-doc oracle-linux-upgrade-libreoffice-ure oracle-linux-upgrade-libreoffice-ure-common oracle-linux-upgrade-libreoffice-wiki-publisher oracle-linux-upgrade-libreoffice-writer oracle-linux-upgrade-libreoffice-x11 oracle-linux-upgrade-libreoffice-xsltfilter References https://attackerkb.com/topics/cve-2024-6472 CVE - 2024-6472 ELSA-2024-5598 ELSA-2024-5583
-
Debian: CVE-2024-7409: qemu -- security update Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 08/05/2024 Created 01/14/2025 Added 01/13/2025 Modified 01/13/2025 Description A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline. Solution(s) debian-upgrade-qemu References https://attackerkb.com/topics/cve-2024-7409 CVE - 2024-7409
-
Debian: CVE-2024-6999: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 08/02/2024 Created 08/03/2024 Added 08/02/2024 Modified 01/28/2025 Description Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-6999 CVE - 2024-6999 DSA-5735-1
-
Debian: CVE-2024-6995: chromium -- security update Severity 4 CVSS (AV:N/AC:M/Au:N/C:N/I:P/A:N) Published 08/02/2024 Created 08/03/2024 Added 08/02/2024 Modified 01/28/2025 Description Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-6995 CVE - 2024-6995 DSA-5735-1
-
Apache OFBiz: CVE-2024-38856: Incorrect Authorization vulnerability. Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 08/05/2024 Created 09/06/2024 Added 12/23/2024 Modified 12/23/2024 Description Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through 18.12.14. Users are recommended to upgrade to version 18.12.15, which fixes the issue. Unauthenticated endpoints could allow execution of screen rendering code of screens if some preconditions are met (such as when the screen definitions don't explicitly check user's permissions because they rely on the configuration of their endpoints). Solution(s) apache-ofbiz-upgrade-latest References https://attackerkb.com/topics/cve-2024-38856 CVE - 2024-38856
-
Debian: CVE-2024-6996: chromium -- security update Severity 3 CVSS (AV:N/AC:H/Au:N/C:N/I:P/A:N) Published 08/02/2024 Created 08/03/2024 Added 08/02/2024 Modified 01/28/2025 Description Race in Frames in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-6996 CVE - 2024-6996 DSA-5735-1
-
Debian: CVE-2024-7255: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/02/2024 Created 08/03/2024 Added 08/02/2024 Modified 01/28/2025 Description Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-7255 CVE - 2024-7255 DSA-5735-1
-
Debian: CVE-2024-6997: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/02/2024 Created 08/03/2024 Added 08/02/2024 Modified 01/28/2025 Description Use after free in Tabs in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-6997 CVE - 2024-6997 DSA-5735-1
-
Debian: CVE-2024-6994: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/02/2024 Created 08/03/2024 Added 08/02/2024 Modified 01/28/2025 Description Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-6994 CVE - 2024-6994 DSA-5735-1
-
Debian: CVE-2024-7000: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/02/2024 Created 08/03/2024 Added 08/02/2024 Modified 01/28/2025 Description Use after free in CSS in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-7000 CVE - 2024-7000 DSA-5735-1
-
Debian: CVE-2024-6991: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/02/2024 Created 08/03/2024 Added 08/02/2024 Modified 01/28/2025 Description Use after free in Dawn in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-6991 CVE - 2024-6991 DSA-5735-1
-
Red Hat JBossEAP: Improper Verification of Cryptographic Signature (CVE-2024-42461) Severity 5 CVSS (AV:N/AC:L/Au:N/C:P/I:N/A:N) Published 08/02/2024 Created 09/20/2024 Added 09/19/2024 Modified 12/20/2024 Description In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed.. A flaw was found in the Elliptic package for Node.js. ECDSA signatures encoded in BER format are improperly validated, allowing leading zeros to be added to the signature without invalidating it, resulting in confidentiality issues. Solution(s) red-hat-jboss-eap-upgrade-latest References https://attackerkb.com/topics/cve-2024-42461 CVE - 2024-42461 https://access.redhat.com/security/cve/CVE-2024-42461 https://bugzilla.redhat.com/show_bug.cgi?id=2302460 https://github.com/indutny/elliptic/pull/317
-
Debian: CVE-2024-6988: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/02/2024 Created 08/03/2024 Added 08/02/2024 Modified 01/28/2025 Description Use after free in Downloads in Google Chrome on iOS prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-6988 CVE - 2024-6988 DSA-5735-1
-
Debian: CVE-2024-6990: chromium -- security update Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 08/02/2024 Created 08/03/2024 Added 08/02/2024 Modified 01/28/2025 Description Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) Solution(s) debian-upgrade-chromium References https://attackerkb.com/topics/cve-2024-6990 CVE - 2024-6990 DSA-5735-1
-
Alpine Linux: CVE-2024-41965: Double Free Severity 4 CVSS (AV:L/AC:H/Au:S/C:P/I:P/A:P) Published 08/01/2024 Created 10/02/2024 Added 10/01/2024 Modified 10/02/2024 Description Vim is an open source command line text editor. double-free in dialog_changed() in Vim < v9.1.0648. When abandoning a buffer, Vim may ask the user what to do with the modified buffer. If the user wants the changed buffer to be saved, Vim may create a new Untitled file, if the buffer did not have a name yet. However, when setting the buffer name to Unnamed, Vim will falsely free a pointer twice, leading to a double-free and possibly later to a heap-use-after-free, which can lead to a crash. The issue has been fixed as of Vim patch v9.1.0648. Solution(s) alpine-linux-upgrade-vim References https://attackerkb.com/topics/cve-2024-41965 CVE - 2024-41965 https://security.alpinelinux.org/vuln/CVE-2024-41965