The vulnerability of the Yandex Browser Lite browser for Android allows a hacker to replace the value of the URL bar with a spoofing IDN.

The vulnerability of the Yandex Browser Lite browser for Android is related to errors in information representation by the user interface. Exploiting this vulnerability allows a malicious actor to remotely replace values in the address bar using IDN spoofing techniques...

The vulnerability of the Anti-Fishing function of the Yandex Browser allows a hacker to bypass existing security restrictions.

The vulnerability of the Anti-Fishing function of the Yandex Browser is related to security configuration errors. Exploiting this vulnerability can allow a remote attacker to bypass existing security restrictions...

The vulnerability of the Yandex Browser’s Safe WiFi technology, which allows a hacker to expose protected information.

The vulnerability of the Safe WiFi technology of the Yandex Browser is related to resource release errors. Exploiting this vulnerability can allow a remote attacker to disclose protected information...

The vulnerability of the DNS Server component of the Windows operating system, which allows a hacker to execute arbitrary code.

The vulnerability of the DNS Server component of the Windows operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Yandex Browser, related to errors in processing symbolic links, allows attackers to escalate their privileges.

The vulnerability of the Yandex Browser is related to errors in processing symbolic links when loading the installation file. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the client device during the installation and preliminary configuration of new devices under Windows Autopilot of the Microsoft operating system allows attackers to perform spear-phishing attacks.

The vulnerability of the client software for installing and preliminarily configuring new devices under Windows Autopilot of the Microsoft operating system is related to information representation errors in the user interface. Exploiting this vulnerability allows a malicious actor to perform...

SUSE-SU-2022:2116-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated. The following security bugs were fixed: - CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. bsc1199650 - CVE-2022-21123: Fixed a stale MMIO data...

OPENSUSE-SU-2022:10016-1 Security update for firejail

This update for firejail fixes the following issues: firejail was updated to version 0.9.70: - CVE-2022-31214 - root escalation in --join logic boo1199148 Reported by Matthias Gerstner, working exploit code was provided to our development team. In the same time frame, the problem was independentl...

Security update for firejail (important)

openSUSE Security Update: Security update for firejail Announcement ID: openSUSE-SU-2022:10016-1 Rating: important References: 1199148 Cross-References: CVE-2022-31214 CVSS scores: CVE-2022-31214 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-S...

OESA-2022-1712 python-bottle security update

Bottle is a fast, simple and lightweight WSGI micro web-framework for Python. It is distributed as a single file module and has no dependencies other than the Python Standard Library. Security Fixes: Bottle before 0.12.20 mishandles errors during early request binding.CVE-2022-31799...

The vulnerability of the Windows Hyper-V hardware virtualization system allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the Windows Hyper-V hardware virtualization system is related to errors in information processing. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

The vulnerability of Skype for Business Server in corporate communication servers lies in the lack of protection for service data, which allows attackers to carry out spoofing attacks.

The vulnerability of Skype for Business Server’s corporate communication servers is related to information representation errors in the user interface. Exploiting this vulnerability can allow attackers to perform spoofing attacks remotely...

The vulnerability of the Windows Hyper-V hardware virtualization system allows a perpetrator to gain unauthorized access to protected information or cause service failures.

The vulnerability of the Windows Hyper-V hardware virtualization system is related to errors in information processing. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...

The vulnerability of the Azure Site Recovery recovery tool allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Azure Site Recovery recovery tool is related to errors in information processing. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the Work Folder Service in Windows operating systems arises from synchronization errors when using a shared resource, allowing attackers to escalate their privileges.

The vulnerability of the Work Folder Service in Windows operating systems is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges...

The vulnerability of the Advanced Local Procedure Call (ALPC) handler in the Windows operating system allows attackers to escalate their privileges.

The vulnerability of the Advanced Local Procedure Call ALPC in the Windows operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to gain increased privileges...

SUSE-SU-2022:2103-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel was updated. The following security bugs were fixed: - CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. bsc1199650 - CVE-2022-21123: Fixed a stale MMIO data...

Microsoft Edge’s vulnerability, related to synchronization errors when using a shared resource, allows attackers to escalate their privileges.

The vulnerability of Microsoft Edge relates to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges remotely...

SUSE: Security Advisory (SUSE-SU-2022:2078-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:2079-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited to speculatively/transiently disclose information via spectre like attacks. bsc1199650 - CVE-2022-21123: Fixed a stale MMIO data...