Exploit for Generation of Error Message Containing Sensitive Information in Checkpoint Ssl_Network_Extender

CVE-2021-30357CheckPointSNXVPNPoC Proof-of-Concept for pri...

Valve: Steam Deck Single Click Root Remote Code Execution

Vulnerability description not provided...

Linux Client Shortcut Key Ctrl+Alt+Enter will work as Ctrl+Alt+Delete in Linux VDA

Normally, Ctrl+Alt+Enter from a Windows Client will change xfreerdp from "Window Mode" to "Full Screen" and vice versa in a Linux VDA's ICA session. However, on a Linux Client the same shortcut key Ctrl+Alt+Enter will work as Ctrl+Alt+Delete to the application xfreerdp in a Linux VDA's ICA sessio...

JSA10616 - 2014-03 Security Bulletin: Pulse Connect Secure (PCS): Linux Network Connect client local user privilege escalation issue (CVE-2014-2292)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. A privilege escalation issue has been found and corrected in the Linux Network Connect client. This issue could allow a non-root user to escalate their access to root privileges on a...

Citrix Workspace App For Linux 2212 Credential Leak Vulnerability

The Citrix Linux client emits its session credentials when starting a Citrix session. These credentials end up being recorded in the client's system log. Citrix does not consider this to be a security vulnerability. Citrix Workspace App for Linux versions 2212 is affected. Citrix Linux client...

Hotkey "CTRL+Break" does not work on Windows VDA through Citrix Workspace app for Linux Clients

The CTRL+Break hotkey does not work if we launch a Windows VDA session from a Citrix Workspace for Linux client. Steps to reproduce the issue 1. Open the Windows Command Prompt in the Windows VDA session from Citrix Workspace for Linux client. 2. Run the "ping -t google.com" command 3. Press the...

GlobalProtect-Openconnect 安全漏洞

GlobalProtect-Openconnect is a GlobalProtect VPN client GUI for Linux based on OpenConnect and built with Qt5 to support SAML authentication mode. A security vulnerability exists in GlobalProtect-Openconnect, which is caused by GlobalProtect-Openconnect being set up in a way that allows an...

Pulse Secure Desktop Client (Linux) Buffer Overflow Vulnerability

Pulse Secure Linux Desktop Client is a suite of Linux-based client software from Pulse Secure, Inc. for accessing end devices on Juniper Pulse Secure gateways. A buffer overflow vulnerability exists in Pulse Secure Desktop Client Linux versions prior to 9.1R9. A local attacker could exploit this...

Pulse Secure Desktop Client Client Registry Elevation of Privilege Vulnerability

Pulse Secure Desktop Client is scalable, multi-service network client that supports integrated connectivity and secure location-aware network access. A client registry privilege escalation vulnerability exists in Pulse Secure Desktop Client Linux versions prior to 9.1R9, which originates in the...

CVE-2020-8248

A vulnerability in the Pulse Secure Desktop Client Linux 9.1R9 could allow local attackers to escalate privilege...

CVE-2020-8250

A vulnerability in the Pulse Secure Desktop Client Linux 9.1R9 could allow local attackers to escalate privilege...

CVE-2020-15590

A vulnerability in the Private Internet Access PIA VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel” OpenVPN bypass option. Th...

DEBIAN-CVE-2020-8227

Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory...

UBUNTU-CVE-2020-8227

Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory...

Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28

Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware as a sub-process of a trusted...

Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28

Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware as a sub-process of a trusted...

CVE-2020-8199

Improper access control in Citrix ADC Gateway Linux client versions before 1.0.0.137 results in local privilege escalation to root...

CentOS: Security Advisory for qemu-img (CESA-2020:0366)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 31 Update: ocsinventory-agent-2.6.0-3.2.fc31

Open Computer and Software Inventory Next Generation is an application designed to help a network or system administrator keep track of computer configuration and software installed on the network. It also allows deploying software, commands or files on Windows and Linux client computers...

DEBIAN-CVE-2019-18625

An issue was discovered in Suricata 5.0.0. It was possible to bypass/evade any tcp based signature by faking a closed TCP session using an evil server. After the TCP SYN packet, it is possible to inject a RST ACK and a FIN ACK packet with a bad TCP Timestamp option. The client will ignore the RST...