Unity Linux 20.1070a Security Update: kernel (UTSA-2025-396866)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-396866 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The cmd variable can be...

usb: typec: fix potential array underflow in ucsi_ccg_sync_control()

...

UBUNTU-CVE-2024-53203

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

CVE-2024-53203

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...

UBUNTU-CVE-2024-50268

In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential out of bounds in ucsiccgupdatesetnewcamcmd The "cmd" variable can be controlled by the user via debugfs. That means "newcam" can be as high as 255 while the size of the uc-updated array is UCSIMAXALTMODE...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds issue in the ucsiccgupdatesetnewcamcmd function...

GHSA-9WGG-M99Q-HHFC Expired tokens can be renewed without validating the account password

Impact In versions of the proxy from 2022-09-05 onwards since 8c874c2ff3d503ac20c7d32f46e08547fcb9e23f, expired OAuth 2.0 client credentials grant CCG flow authorisation tokens could be renewed automatically without checking their validity against the original account configuration i.e., the...

greatyarmouthandwaveneyccg.nhs.uk XSS vulnerability

Open Bug Bounty ID: OBB-547556 Description| Value ---|--- Affected Website:| greatyarmouthandwaveneyccg.nhs.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure Standard:|...

greenwichccg.nhs.uk XSS vulnerability

Open Bug Bounty ID: OBB-311242 Description| Value ---|--- Affected Website:| greenwichccg.nhs.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Elemental Kingdoms (CCG) - Customized SSL, WebView SSL handling enabled, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Elemental Kingdoms CCG published at the 'play' market has multiple vulnerabilities...

Eldhelm - online CCG/RPG/Duel - Dangerous filesystem permissions, Insecure KeyStore, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Eldhelm - online CCG/RPG/Duel published at the 'play' market has multiple vulnerabilities...