Ubuntu: Security Advisory (USN-7363-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-6463-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6463-1: Open VM Tools vulnerabilities

It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker Guest Operations privileges could possibly use this issue to escalate privileges. CVE-2023-34058 Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A...

Security update for firejail (important)

openSUSE Security Update: Security update for firejail Announcement ID: openSUSE-SU-2022:10016-1 Rating: important References: 1199148 Cross-References: CVE-2022-31214 CVSS scores: CVE-2022-31214 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-S...

Ubuntu 16.04 LTS : xawtv vulnerability (USN-4518-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4518-1 advisory. Matthias Gerstner discovered that xawtv incorrectly handled opening files. A local attacker could possibly use this issue to open and write to arbitrary files and...

chrony <= 3.5.1 data corruption through symlink vulnerability writing the pidfile

Miroslav Lichvar reports: chrony-3.5.1 ... fixes a security issue in writing of the pidfile. When chronyd is configured to save the pidfile in a directory where the chrony user has write permissions e.g. /var/run/chrony - the default since chrony-3.4, an attacker that compromised the chrony user...

Ubuntu 16.04 LTS / 18.04 LTS : libvirt vulnerabilities (USN-4047-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4047-1 advisory. Matthias Gerstner and Jn Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to...

USN-4047-1 libvirt vulnerabilities

Matthias Gerstner and Ján Tomko discovered that libvirt incorrectly handled certain API calls. An attacker could possibly use this issue to check for arbitrary files, or execute arbitrary binaries. In the default installation, attackers would be isolated by the libvirt AppArmor profile...

Ubuntu 18.04 LTS : LXC vulnerability (USN-3730-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3730-1 advisory. Matthias Gerstner discovered that LXC incorrectly handled the lxc-user-nic utility. A local attacker could possibly use this issue to open arbitrary files. Tenabl...

USN-3730-1: LXC vulnerability

Matthias Gerstner discovered that LXC incorrectly handled the lxc-user-nic utility. A local attacker could possibly use this issue to open arbitrary files...

Moderate: Red Hat Security Advisory: PackageKit security update

An update for PackageKit is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...