Kategorie: Allgemein

[UPDATE] [hoch] Microsoft Windows und Microsoft Windows Server: Mehrere Schwachstellen

Ein entfernter, anonymer, authentisierter oder lokaler Angreifer kann mehrere Schwachstellen in Microsoft Windows und Microsoft Windows Server ausnutzen, um beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen, einen Denial-of-Service-Zustand auszulösen, seine Privilegien zu erweitern und Informationen falsch darzustellen.

[UPDATE] [mittel] Red Hat Ansible Automation Platform: Schwachstelle ermöglicht Denial of Service

Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Red Hat Ansible Automation Platform ausnutzen, um einen Denial of Service Angriff durchzuführen.

Sicherheitslücken in Microsofts WiX-Installer-Toolset gestopft

Das quelloffene WiX-Installer-Toolset von Microsoft hat zwei Sicherheitslücken. Die dichten aktualisierte Versionen ab.

Firefox: Notfall-Update schließt kritische Sicherheitslücken

Die Mozilla-Entwickler haben zwei kritische Sicherheitslücken mit dem Update auf Firefox 124.0.1 und Firefox ESR 115.9.1 geschlossen.

CVE-2024-29059 .NET Framework Information Disclosure Vulnerability

Information published. This CVE was addressed by updates that were released in January 2024, but the CVE was inadvertently omitted from the January 2024 Security Updates. This is an informational change only. Customers who have already installed the January 2024 updates do not need to take any further action.

Chromium: CVE-2024-2628 Inappropriate implementation in Downloads

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

Chromium: CVE-2024-2627 Use after free in Canvas

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

Chromium: CVE-2024-2629 Incorrect security UI in iOS

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

Chromium: CVE-2024-2626 Out of bounds read in Swiftshader

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.