4 matches found
flatpak: TIOCLINUX can send commands outside sandbox if running on a virtual console
A flaw was found in Flatpak, a system for building, distributing, and running sandboxed desktop applications on Linux. It contains a vulnerability similar to CVE-2017-5226 but using the TIOCLINUX ioctl command instead of TIOCSTI. If a Flatpak app is run on a Linux virtual console such as /dev/tty...
UBUNTU-CVE-2023-28100
Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Versions prior to 1.10.8, 1.12.8, 1.14.4, and 1.15.4 contain a vulnerability similar to CVE-2017-5226, but using the TIOCLINUX ioctl command instead of TIOCSTI. If a Flatpak app is run on a Linux...
UBUNTU-CVE-2022-35978
Minetest is a free open-source voxel game engine with easy modding and game creation. In single player, a mod can set a global setting that controls the Lua script loaded to display the main menu. The script is then loaded as soon as the game session is exited. The Lua environment the menu runs i...
The vulnerability of the ZyXEL PMG5318-B20A router allows a violator to circumvent existing access restrictions.
The vulnerability of the ZyXEL PMG5318-B20A router exists due to the absence of session termination after exiting the system. Exploiting this vulnerability allows a malicious actor to circumvent existing access restrictions by using an automated workstation...