
9137 matches found

FreeBSD
added 2024/04/04 12:0 a.m. | 26 views

forgejo -- multiple issues

The forgejo team reports: CVE-2024-24789: The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create a zip file with contents that vary depending on the implementation reading the...

CVSS 5.5 | AI score 6.8 | EPSS 0.00446
Exploits: 0 | References: 1
Tenable Nessus
added 2024/04/04 12:0 a.m. | 72 views

Microsoft Edge (Chromium) < 122.0.2365.120 / 123.0.2420.81 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 122.0.2365.120 / 123.0.2420.81. It is, therefore, affected by multiple vulnerabilities as referenced in the April 4, 2024 advisory. - Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability (CVE-2024-29049) -...

CVSS 8.8 | AI score 7.5 | EPSS 0.01599
Exploits: 0 | References: 11
NVD
added 2024/04/03 5:15 p.m. | 19 views

CVE-2024-26732

In the Linux kernel, the following vulnerability has been resolved: net: implement lockless setsockopt(SO_PEEK_OFF) syzbot reported a lockdep violation [1] involving af_unix support of SO_PEEK_OFF. Since SO_PEEK_OFF is inherently not thread safe (it uses a per-socket sk_peek_off field), there is really no point...

CVSS 5.5 | AI score 6.5 | EPSS 0.00158
Exploits: 0 | References: 2
CVE
added 2024/04/03 4:18 p.m. | 66 views

CVE-2024-27338

CVE-2024-27338 affects Kofax Power PDF. The flaw is in the app.response method, caused by insufficient validation of user-supplied data, which can lead to a read past the end of an allocated object and remote code execution. Exploitation requires user interaction (target user visits a malicious p...

CVSS 7.8 | AI score 8 | EPSS 0.00421
Exploits: 0 | References: 1 | Affected Software: 1
OSV
added 2024/04/03 12:11 p.m. | 7 views

SUSE-SU-2024:1103-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2024-26327: Fixed buffer overflow via invalid SR/IOV NumVFs value (bsc#1220062). - CVE-2024-24474: Fixed integer overflow results in buffer overflow via SCSI command (bsc#1220134). - CVE-2023-6693: Fixed stack buffer overflow in virtio_net_flush_tx...

CVSS 8.8 | AI score 7.5 | EPSS 0.01397
Exploits: 1 | References: 12
UbuntuCve
added 2024/04/03 3:15 a.m. | 15 views

CVE-2024-28836

An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 client could put a TLS 1.3-only server...

CVSS 5.4 | AI score 5.9 | EPSS 0.00408
Exploits: 0 | References: 3
CERT
added 2024/04/03 12:0 a.m. | 117 views

HTTP/2 CONTINUATION frames can be utilized for DoS attacks

Overview: HTTP allows messages to include named fields in both header and trailer sections. These header and trailer fields are serialised as field blocks in HTTP/2, so that they can be transmitted in multiple fragments to the target implementation. Many HTTP/2 implementations do not properly limi...

CVSS 8.2 | AI score 8 | EPSS 0.94615
Exploits: 4 | References: 5
NVD
added 2024/04/02 3:15 a.m. | 14 views

CVE-2024-20849

Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code...

CVSS 7.8 | AI score 7.3 | EPSS 0.00186
Exploits: 0 | References: 1
Tenable Nessus
added 2024/04/02 12:0 a.m. | 26 views

Google Chrome < 123.0.6312.105 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 123.0.6312.105. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024_04_stable-channel-update-for-desktop advisory. - Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105...

CVSS 8.8 | AI score 9 | EPSS 0.01599
Exploits: 0 | References: 7
OSV
added 2024/03/30 12:0 p.m. | 2 views

RUSTSEC-2024-0429 Unsoundness in `Iterator` and `DoubleEndedIterator` impls for `glib::VariantStrIter`

The `VariantStrIter::impl_get` function (called internally by implementations of the `Iterator` and `DoubleEndedIterator` traits for this type) was unsound, resulting in undefined behaviour. An immutable reference `&p` to a `*mut libc::c_char` pointer initialized to `NULL` was passed as an argument to a C functio...

AI score 7.4
Exploits: 0 | References: 3
Tenable Nessus
added 2024/03/30 12:0 a.m. | 24 views

Fedora 38 : prometheus-podman-exporter (2024-45f0a1df95)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-45f0a1df95 advisory. release v1.11.0 ---- release v1.10.1 ---- release v1.10.0 Tenable has extracted the preceding description block directly from the Fedora security advisory...

CVSS 4.3 | AI score 7 | EPSS 0.01956
Exploits: 0 | References: 2
Tenable Nessus
added 2024/03/29 12:0 a.m. | 39 views

Debian dsa-5648 : chromium - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5648 advisory. - Object lifecycle issue in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page...

CVSS 8.8 | AI score 8 | EPSS 0.19883
Exploits: 8 | References: 24
OSV
added 2024/03/28 5:53 p.m. | 23 views

GHSA-R75M-26CQ-MJXC Serverpod improved security for stored password hashes

Description: Improved security for stored password hashes. Serverpod now uses the OWASP-recommended Argon2Id password hash algorithm to store password hashes for the email authentication module. Starting from Serverpod 1.2.6 all users that either create an account or authenticate with th...

CVSS 5.3 | AI score 5.6 | EPSS 0.00262
Exploits: 0 | References: 4
OSV
added 2024/03/27 4:34 a.m. | 31 views

RLSA-2024:1311 Moderate: .NET 8.0 security update

.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 8.0.103 and .NET Runtime 8.0.3...

CVSS 7.5 | AI score 7.4 | EPSS 0.03065
Exploits: 0 | References: 2
The Hacker News
added 2024/03/25 9:2 a.m. | 39 views

New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys

A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent...

AI score 6.2
Exploits: 0
Veracode
added 2024/03/25 1:31 a.m. | 28 views

User Interface (UI) Misrepresentation Of Critical Information

chromium is vulnerable to User Interface (UI) Misrepresentation of Critical Information. The vulnerability is due to inappropriate implementation in iOS, which allows a remote attacker to perform UI spoofing via a crafted HTML page...

CVSS 4.3 | AI score 6.8 | EPSS 0.00646
Exploits: 0 | References: 6 | Affected Software: 1
Tenable Nessus
added 2024/03/25 12:0 a.m. | 44 views

RHEL 9 : nodejs:18 (RHSA-2024:1503)

The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1503 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

CVSS 7.8 | AI score 7.2 | EPSS 0.03168
Exploits: 0 | References: 5
Tenable Nessus
added 2024/03/22 12:0 a.m. | 46 views

Microsoft Edge (Chromium) < 123.0.2420.53 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 123.0.2420.53. It is, therefore, affected by multiple vulnerabilities as referenced in the March 22, 2024 advisory. - Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability (CVE-2024-26247) - Object lifecycl...

CVSS 8.8 | AI score 6.5 | EPSS 0.0112
Exploits: 0 | References: 19
OpenVAS
added 2024/03/21 12:0 a.m. | 24 views

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1417)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.8 | AI score 6.3 | EPSS 0.04459
Exploits: 0 | References: 2
Debian CVE
added 2024/03/20 8:27 p.m. | 24 views

CVE-2024-29018

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature i...

CVSS 7.5 | AI score 6 | EPSS 0.0075
Exploits: 0