#libvpx — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #libvpx, aggregated by home.social.
-
#BSI WID-SEC-2024-1945: [NEU] [mittel] #Red #Hat #Enterprise #Linux (#libvpx): Mehrere Schwachstellen ermöglichen Denial of Service
Ein entfernter Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux in der Komponente libvpx ausnutzen, um einen Denial of Service Angriff durchzuführen.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1945
-
Patch Tuesday, October 2023 Edition
https://krebsonsecurity.com/2023/10/patch-tuesday-october-2023-edition/
#PatchTuesdayOctober2023 #RapidResetAttack #SkypeforBusiness #CVE-2023-35349 #CVE-2023-36563 #CVE-2023-36778 #CVE-2023-41763 #CVE-2023-44487 #DamianMenscher #SecurityTools #ImmersiveLabs #iPadOS17.0.3 #NatalieSilva #TimetoPatch #AdamBarnett #CloudFlare #iOS17.0.3 #microsoft #windows #Wordpad #Amazon #google #libvpx #Rapid7 #apple
-
Patch Tuesday, October 2023 Edition
https://krebsonsecurity.com/2023/10/patch-tuesday-october-2023-edition/
#PatchTuesdayOctober2023 #RapidResetAttack #SkypeforBusiness #CVE-2023-35349 #CVE-2023-36563 #CVE-2023-36778 #CVE-2023-41763 #CVE-2023-44487 #DamianMenscher #SecurityTools #ImmersiveLabs #iPadOS17.0.3 #NatalieSilva #TimetoPatch #AdamBarnett #CloudFlare #iOS17.0.3 #microsoft #windows #Wordpad #Amazon #google #libvpx #Rapid7 #apple
-
Patch Tuesday, October 2023 Edition
https://krebsonsecurity.com/2023/10/patch-tuesday-october-2023-edition/
#PatchTuesdayOctober2023 #RapidResetAttack #SkypeforBusiness #CVE-2023-35349 #CVE-2023-36563 #CVE-2023-36778 #CVE-2023-41763 #CVE-2023-44487 #DamianMenscher #SecurityTools #ImmersiveLabs #iPadOS17.0.3 #NatalieSilva #TimetoPatch #AdamBarnett #CloudFlare #iOS17.0.3 #microsoft #windows #Wordpad #Amazon #google #libvpx #Rapid7 #apple
-
Patch Tuesday, October 2023 Edition https://krebsonsecurity.com/2023/10/patch-tuesday-october-2023-edition/ #PatchTuesdayOctober2023 #RapidResetAttack #SkypeforBusiness #CVE-2023-35349 #CVE-2023-36563 #CVE-2023-36778 #CVE-2023-41763 #CVE-2023-44487 #DamianMenscher #SecurityTools #ImmersiveLabs #iPadOS17.0.3 #NatalieSilva #TimetoPatch #AdamBarnett #CloudFlare #iOS17.0.3 #microsoft #windows #Wordpad #Amazon #google #libvpx #Rapid7 #apple
-
Patch Tuesday, October 2023 Edition https://krebsonsecurity.com/2023/10/patch-tuesday-october-2023-edition/ #PatchTuesdayOctober2023 #RapidResetAttack #SkypeforBusiness #CVE-2023-35349 #CVE-2023-36563 #CVE-2023-36778 #CVE-2023-41763 #CVE-2023-44487 #DamianMenscher #SecurityTools #ImmersiveLabs #iPadOS17.0.3 #NatalieSilva #TimetoPatch #AdamBarnett #CloudFlare #iOS17.0.3 #microsoft #windows #Wordpad #Amazon #google #libvpx #Rapid7 #apple
-
Patch Tuesday, October 2023 Edition https://krebsonsecurity.com/2023/10/patch-tuesday-october-2023-edition/ #PatchTuesdayOctober2023 #RapidResetAttack #SkypeforBusiness #CVE-2023-35349 #CVE-2023-36563 #CVE-2023-36778 #CVE-2023-41763 #CVE-2023-44487 #DamianMenscher #SecurityTools #ImmersiveLabs #iPadOS17.0.3 #NatalieSilva #TimetoPatch #AdamBarnett #CloudFlare #iOS17.0.3 #microsoft #windows #Wordpad #Amazon #google #libvpx #Rapid7 #apple
-
Patch Tuesday, October 2023 Edition https://krebsonsecurity.com/2023/10/patch-tuesday-october-2023-edition/ #PatchTuesdayOctober2023 #RapidResetAttack #SkypeforBusiness #CVE-2023-35349 #CVE-2023-36563 #CVE-2023-36778 #CVE-2023-41763 #CVE-2023-44487 #DamianMenscher #SecurityTools #ImmersiveLabs #iPadOS17.0.3 #NatalieSilva #TimetoPatch #AdamBarnett #CloudFlare #iOS17.0.3 #microsoft #windows #Wordpad #Amazon #google #libvpx #Rapid7 #apple
-
Patch Tuesday, October 2023 Edition https://krebsonsecurity.com/2023/10/patch-tuesday-october-2023-edition/ #PatchTuesdayOctober2023 #RapidResetAttack #SkypeforBusiness #CVE-2023-35349 #CVE-2023-36563 #CVE-2023-36778 #CVE-2023-41763 #CVE-2023-44487 #DamianMenscher #SecurityTools #ImmersiveLabs #iPadOS17.0.3 #NatalieSilva #TimetoPatch #AdamBarnett #CloudFlare #iOS17.0.3 #microsoft #windows #Wordpad #Amazon #google #libvpx #Rapid7 #apple
-
Apple releases iOS/iPad OS 17.0.3 as an emergency update to resolve an actively exploited zero day caused by a kernel vulnerability. If successful, a malicious actor can perform local privilege escalation as part of an attack chain.
Apple also notes that they have resolved CVE-2023-5217 by updating the libvpx to 1.13.1 in iOS/iPad OS 17.0.3
This marks the 17th zero day that Apple has addressed so far this year.
https://www.bleepingcomputer.com/news/apple/apple-emergency-update-fixes-new-zero-day-used-to-hack-iphones/
#infosec #cybersecurity #Apple #ios #ipados #kernel #vulnerability #CVE_2023_42824 #CVE_2023_5217 #libvpx #zeroday -
New 0-day, this time on "libvpx". Affects Chrome, Firefox and many more apps.
-
Woohoo, another day, another #0day like the #libwebp one, this time in #libvpx: https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
Let the purge / patch crunch begin!
-
Woohoo, another day, another #0day like the #libwebp one, this time in #libvpx: https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
Let the purge / patch crunch begin!
-
Woohoo, another day, another #0day like the #libwebp one, this time in #libvpx: https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
Let the purge / patch crunch begin!
-
Woohoo, another day, another #0day like the #libwebp one, this time in #libvpx: https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
Let the purge / patch crunch begin!
-
Woohoo, another day, another #0day like the #libwebp one, this time in #libvpx: https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/
Let the purge / patch crunch begin!
-
VP8-Videokodierung: Zero-Day-Schwachstelle betrifft weit mehr als nur Chrome https://www.computerbase.de/2023-09/vp8-videokodierung-zero-day-schwachstelle-betrifft-weit-mehr-als-nur-chrome/ #VP8 #Google #Chrome #Schwachstelle #libvpx
-
🗒️ petit résumé / annotations surs les deux vulnérabilités basés sur les denières information disponibles au 29.09
"CVE-2023-5217 [ ndr 𝐥𝐢𝐛𝐯𝐩𝐱 ] requires a targeted device to create media in the VP8 format.
CVE-2023-4863 [ndr 𝐖𝐞𝐛𝐏 / 𝐥𝐢𝐛𝐰𝐞𝐛𝐏 ] could be exploited when a targeted device simply displayed a booby-trapped image."
👇
https://arstechnica.com/security/2023/09/new-0-day-in-chrome-and-firefox-is-likely-to-plague-other-software/CVE-2023-5129 ➡️ Retirée par Mitre Duplicata CVE-2023-4863
👇
https://www.cve.org/CVERecord?id=CVE-2023-5129------------------------
liste utile pour (merci @mttaggart ) suivi CVE-2023-4863 dans apps Electron
👇
https://docs.google.com/spreadsheets/d/1QLLFYCO0FMAu1ob6mnYCapW8dnx-HXunbf_zc9QLXlM/edit#gid=1774064991FAQ CVE-2023-4863 par Tenable
👇
https://www.tenable.com/blog/cve-2023-41064-cve-2023-4863-cve-2023-5129-faq-imageio-webp-zero-days------------------------
Annonce CVE-2023-5217
👇
https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_27.html -
*Sigh*, another one of these:
"CVE-2023-5217: Heap buffer overflow in vp8 encoding in #libvpx."
"Google is aware that an exploit for CVE-2023-5217 exists in the wild."Note that because it's in an underlying (video codec) library, it's probably going to be an issue in every browser and video player and electron app; just like the prior #libwebp #security bug.
