9 matches found
CVE-2026-2664
An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...
EUVD-2026-7385
An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed in Docker Desktop...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : ruby2.5 (SUSE-SU-2025:02814-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02814-1 advisory. - CVE-2024-35221: Fixed remote denial of service via YAML manifest bsc1225905 Tenable has extracted the...
SUSE CVE-2016-5211
A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...
SA43620 - 2018-01 Out-Of-Cycle Advisory : Pulse Secure Desktop Linux Client - SSL Certificate Validation Issue
Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. The Pulse Linux GUI component does not perform strict SSL certificate validation which allows the attacker to manipulate the Pulse connection set. This issue is applicable only Pulse...
CVE-2018-6374
The GUI component aka PulseUI in Pulse Secure Desktop Linux clients before PULSE5.2R9.2 and 5.3.x before PULSE5.3R4.2 does not perform strict SSL Certificate Validation. This can lead to the manipulation of the Pulse Connection set...
CVE-2018-6374
The GUI component aka PulseUI in Pulse Secure Desktop Linux clients before PULSE5.2R9.2 and 5.3.x before PULSE5.3R4.2 does not perform strict SSL Certificate Validation. This can lead to the manipulation of the Pulse Connection set...
CVE-2018-6374
CVE-2018-6374 affects Pulse Secure Desktop Linux clients where the GUI component (PulseUI) fails to perform strict SSL certificate validation, enabling manipulation of the Pulse Connection set. Affected versions include Pulse Secure Desktop Linux clients before PULSE5.2R9.2 and 5.3.x before PULSE...
Desktop Linux Password Stealer and Privilege Escalation
This module steals the user password of an administrative user on a desktop Linux system when it is entered for unlocking the screen or for doing administrative actions using PolicyKit. Then, it escalates to root privileges using sudo and the stolen user password. It exploits the design weakness...