RockyLinux 10 : udisks2 (RLSA-2026:3476)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3476 advisory. udisks: Missing Authorization Check Allows Unprivileged Users to Back Up LUKS Headers via udisks D-Bus API CVE-2026-26104 udisks: Missing Authorization...

udisks: Missing Authorization Check Allows Unprivileged Users to Restore LUKS Headers via udisks D-Bus API

A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...

Important: Red Hat Security Advisory: udisks2 security update

An update for udisks2 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

EUVD-2015-1467

Malware in sbrugna...

Moderate: Red Hat Security Advisory: convert2rhel security, bug fix, and enhancement update

An update for convert2rhel is now available for Convert2RHEL for RHEL-8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Moderate: Red Hat Security Advisory: convert2rhel security, bug fix, and enhancement update

An update for convert2rhel is now available for Convert2RHEL for RHEL-7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

SUSE: Security Advisory (SUSE-SU-2014:0188-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Design/Logic Flaw

Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 DBUS API only requires a file path for a content item, it doesn't actually require the confined app have access to the file to create a transfer. This could allow a malicious application using the DBUS API to export file:///etc/passwd which...

CVE-2015-1327

Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 DBUS API only requires a file path for a content item, it doesn't actually require the confined app have access to the file to create a transfer. This could allow a malicious application using the DBUS API to export file:///etc/passwd which...

CVE-2015-1327

Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 DBUS API only requires a file path for a content item, it doesn't actually require the confined app have access to the file to create a transfer. This could allow a malicious application using the DBUS API to export file:///etc/passwd which...

CVE-2015-1327

Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 is vulnerable to an information disclosure via DBUS API where a confined app passes a file path and a malicious actor could cause a transfer of file:///etc/passwd to another app. Root cause: the DBUS API does not require the confined app to...

CVE-2015-1327 Content-hub DBUS API doesn't prevent confined apps from passing paths to files without access

Content Hub before version 0.0+15.04.20150331-0ubuntu1.0 DBUS API only requires a file path for a content item, it doesn't actually require the confined app have access to the file to create a transfer. This could allow a malicious application using the DBUS API to export file:///etc/passwd which...

MGASA-2015-0491 Updated blueman packages fix security vulnerability

Privilege escalation vulnerability in blueman before 2.0.3 in the dbus API CVE-2015-8612...

Updated blueman packages fix security vulnerability

Privilege escalation vulnerability in blueman before 2.0.3 in the dbus API CVE-2015-8612...

openSUSE Security Update : hplip (openSUSE-SU-2013:1617-1)

the following security issue was fixed for HPLIP 3.13.10: usage of an insecure polkit DBUS API fix for bnc836937 and CVE-2013-4325 that are related to CVE-2013-4288 and bnc835827. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

SuSE 11.2 / 11.3 Security Update : hplip (SAT Patch Numbers 8775 / 8777)

hplip was updated to fix three security issues : - Some local file overwrite problems via predictable /tmp filenames were fixed. CVE-2013-0200 - hplip used an insecure polkit DBUS API polkit-process subject race condition which could lead to local privilege escalation. CVE-2013-4325 - hplip uses...