The vulnerability in the Veeam Agent for Microsoft Windows data backup tool lies in the use of an untrusted search path, allowing an attacker to execute arbitrary code.
The vulnerability in the Veeam Agent for Microsoft Windows data backup tool is related to the use of an untrusted search path. Exploiting this vulnerability allows attackers to execute arbitrary code by introducing malicious DLL libraries...
USN-7178-1: DPDK vulnerability
It was discovered that DPDK incorrectly handled the Vhost library checksum offload feature. A malicious guest could possibly use this issue to cause the hypervisor's vSwitch to crash, resulting in a denial of service...
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry. The counterfeit versions, named @typescripteslinter/eslint and types-node, are engineered to...
[SECURITY] Fedora 41 Update: glibc-2.40-14.fc41
The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make upgrading easier, common system code is kept in one place and shared between programs. This particular package contains the most important se...
[SECURITY] Fedora 41 Update: python3.14-3.14.0~a2-2.fc41
Python 3.14 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.14 package provides the "python3.14" executable:...
[SECURITY] Fedora 40 Update: python3.13-3.13.1-2.fc40
Python 3.13 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.13 package provides the "python3.13" executable:...
CVE-2024-41138
A library injection vulnerability exists in the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams work or school 24046.2813.2770.1094 for macOS. A specially crafted library can leverage Teams's access privileges, leading to a permission bypass. A malicious application could inject...
Moderate: Red Hat Security Advisory: mpg123 security update
An update for mpg123 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
[SECURITY] Fedora 40 Update: golang-x-crypto-0.31.0-2.fc40
Go supplementary cryptography libraries...
[SECURITY] Fedora 40 Update: kernel-headers-6.12.4-100.fc40
Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...
[SECURITY] Fedora 41 Update: golang-x-crypto-0.31.0-2.fc41
Go supplementary cryptography libraries...
[SECURITY] Fedora 41 Update: kernel-headers-6.12.4-200.fc41
Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...
[SECURITY] Fedora 40 Update: python3.10-3.10.16-1.fc40
Python 3.10 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.10 package provides the "python3.10" executable:...
CVE-2024-52062
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional Core Libraries allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40, from 5.0.0...
CVE-2024-52064
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional Core Libraries allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.21, from 6.0.0 before 6.0.1.40, from 5.0.0...
CVE-2024-52063
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional Core Libraries, Routing Service allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.0.0 before 7.3.0.5, from 6.1.0 before 6.1.2.21, from 6.0.0 before...
CVE-2024-52061
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in RTI Connext Professional Core Libraries, Queuing Service, Recording Service, Routing Service allows Overflow Variables and Tags. This issue affects Connext Professional: from 7.4.0 before 7.5.0, from 7.0.0 before...
CVE-2024-52064
The CVE-2024-52064 issue affects RTI Connext Professional (Core Libraries) and is due to a Buffer Copy without Checking Size of Input. Affected: Connext Professional versions 7.0.0–7.3.0.2 (before 7.3.0.2), 6.1.0–6.1.2.21, 6.0.0–6.0.1.40, and 5.0.0–5.3.1.45. Impact described as potential overflow...