3665 matches found
CVE-2024-21244
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Telemetry. Supported versions that are affected are 8.4.2 and prior and 9.0.1 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
[SECURITY] Fedora 39 Update: rust-nu-protocol-0.96.1-3.fc39
Nushell's internal protocols, including its abstract syntax tree...
Fedora 40 : python-cramjam / rust-async-compression / rust-brotli / etc (2024-b9fc60e1f0)
The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-b9fc60e1f0 advisory. Update rust-brotli-decompressor to 4.0.1, rust-brotli to 7.0.0, and rust-async-compression to 0.4.13. Patch dependent packages as needed to avoid compat...
Fedora 39 : python-cramjam / rust-async-compression / rust-brotli / etc (2024-8831059030)
The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-8831059030 advisory. Update rust-brotli-decompressor to 4.0.1, rust-brotli to 7.0.0, and rust-async-compression to 0.4.13. Patch dependent packages as needed to avoid compat...
Extract has insufficient checks allowing attacker to create symlinks outside the extraction directory.
Impact A maliciously crafted archive may allow an attacker to create a symlink outside the extraction target directory. Patches Please use version 4.0.0 or later github.com/codeclysm/extract/v4. Any previous version is affected by the bug. Workarounds No known workarounds. Backward compatibility...
Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms
Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. "At first glance, the thing that stood out was the script's obfuscation, which seemed a bit bizarre because of all the accented...
Supra Redefines the Layer-2 Debate with “Supra Containers” – Is This the End of L2s?
Zug, Switzerland, October 8, 2024 // Supra, the 500k TPS Layer-1 blockchain with MultiVM compatibility for MoveVM and…
OPENSUSE-SU-2024:0329-1 Security update for seamonkey
This update for seamonkey fixes the following issues: update to SeaMonkey 2.53.19: Cancel button in SeaMonkey bookmarking star ui not working bug 1872623. Remove OfflineAppCacheHelper.jsm copy from SeaMonkey and use the one in toolkit bug 1896292. Remove obsolete registerFactoryLocation calls fro...
[SECURITY] Fedora 41 Update: logiops-0.3.5-1.fc41
This is an unofficial driver for Logitech mice and keyboard. This is currently only compatible with HID++ 2.0 devices...
CentOS 7 : compat-exiv2-023 (RHSA-2021:3234)
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:3234 advisory. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-29457. Reason: This candidate is a duplicate of CVE-2021-29457. Notes: All CVE users...
Patch Tuesday, October 2024 Edition
Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of products, and Apple has addressed a bug in its new...
PT-2024-18880 · Qualcomm · Snapdragon +19
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue involves memory corruption that occurs when a compat IOCTL call is followed by another IOCTL call from userspace to a driver. This can lead to...
Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Golang Go sensitive information disclosure vulnerability (CVE-2023-45289)
Summary Potential Golang Go sensitive information disclosure vulnerability CVE-2023-45289 has been identified that may affect IBM Watson CP4D Data Stores. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-45289 DESCRIPTION:...
Release Information for Veeam Backup for Nutanix AHV 6.1
This update has been superseded by Veeam Backup for Nutanix AHV 7.0, which was released alongside and supports only Veeam Backup & Replication 12.3. Requirements To upgrade to Veeam Backup for Nutanix AHV 6.1, download the installer below and run it on the Veeam Backup & Replication server that...
Apple’s macOS Sequoia Update Breaks Security Tools
Apple’s macOS Sequoia update is causing major compatibility issues with popular security tools. Reportedly, users are facing disruptions…
[SECURITY] [DLA 3891-1] mariadb-10.5 security update
Debian LTS Advisory DLA-3891-1 [email protected] https://www.debian.org/lts/security/ Otto Kekäläinen September 18, 2024 https://wiki.debian.org/LTS -...
kernel: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAX_PAGECACHE_ORDER acceptable to xarray Patch series "mm/filemap: Limit page cache size to that supported by xarray", v2. Currently, xarray can't support arbitrary page cache size. More details can be found from t...
Amazon Linux 2 : firefox (ALASFIREFOX-2024-030)
The version of firefox installed on the remote host is prior to 115.14.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2024-030 advisory. Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be...
Debian dla-3891 : libmariadb-dev - security update
The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-3891 advisory. Debian LTS Advisory DLA-3891-1 [email protected] https://www.debian.org/lts/security/...
@adhd/react-hooks (=2.2.1), @aklesky/vite-config (>=0.7.9 <=0.9.0) +252 more potentially affected by CVE-2024-45812 via vite (>=5.0.0 <=5.1.7)
vite NPM version =5.0.0, =0.7.9, =17.1.0, =1.0.25-beta.0, =0.5.0, =2.0.0-beta.0, =0.22.0, =1.0.1, =1.0.0, =1.0.0, =0.9.0, =1.0.0-alpha.13, =1.0.0-alpha.1, =1.0.0-alpha.1, =1.0.0-alpha.4 and more Source cves: CVE-2024-45812 Source advisory: OSV:GHSA-64VR-G452-QVP3...