UBUNTU-CVE-2022-35978

Minetest is a free open-source voxel game engine with easy modding and game creation. In single player, a mod can set a global setting that controls the Lua script loaded to display the main menu. The script is then loaded as soon as the game session is exited. The Lua environment the menu runs i...

The vulnerability of the File Server Cache service in the Teamcenter product lifecycle management system allows a hacker to trigger a service failure.

The vulnerability of the File Server Cache service in the Teamcenter product lifecycle management system is related to the execution of a cycle with an unavailable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...

GSD-2022-1004738 powerpc: Enable execve syscall exit tracepoint

powerpc: Enable execve syscall exit tracepoint This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.202 by commit...

GSD-2022-1004621 powerpc: Enable execve syscall exit tracepoint

powerpc: Enable execve syscall exit tracepoint This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.127 by commit...

GSD-2022-1004454 powerpc: Enable execve syscall exit tracepoint

powerpc: Enable execve syscall exit tracepoint This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.51 by commit...

[SECURITY] Fedora 35 Update: clipman-1.6.1-3.fc35

A basic clipboard manager for Wayland, with support for persisting copy buffe rs after an application exits...

The vulnerability of the MultipartStream.java file in the Apache Commons FileUpload library allows a hacker to induce a service failure.

The vulnerability of the MultipartStream.java file in the Apache Commons FileUpload library is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure by manipulating the Content-Type header created by the...

Mozilla: Browser window spoof using fullscreen mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when exiting fullscreen mode, an iframe could have confused the browser about the current state of the fullscreen, resulting in potential user confusion or spoofing attacks...

Mozilla: Browser window spoof using fullscreen mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when exiting fullscreen mode, an iframe could have confused the browser about the current state of the fullscreen, resulting in potential user confusion or spoofing attacks...

Mozilla: Browser window spoof using fullscreen mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when exiting fullscreen mode, an iframe could have confused the browser about the current state of the fullscreen, resulting in potential user confusion or spoofing attacks...

Mozilla: Browser window spoof using fullscreen mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when exiting fullscreen mode, an iframe could have confused the browser about the current state of the fullscreen, resulting in potential user confusion or spoofing attacks...

Mozilla: Browser window spoof using fullscreen mode

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes the issue of when exiting fullscreen mode, an iframe could have confused the browser about the current state of the fullscreen, resulting in potential user confusion or spoofing attacks...

The vulnerability of the PJSIP multimedia communication library, related to executing a loop with an unavailable exit condition, allows attackers to cause service failures.

The vulnerability of the PJSIP multimedia communication library lies in the execution of a loop with an unavailable exit condition during the processing of WAV/AVI files. Exploiting this vulnerability can allow a malicious actor to cause service failures...

The vulnerability of the PJSIP multimedia communication library, related to executing a loop with an unavailable exit condition, allows attackers to cause service failures.

The vulnerability of the PJSIP multimedia communication library is related to the execution of a loop with an unavailable exit condition during syntactic analysis of XML files. Exploiting this vulnerability can allow a malicious actor to cause service failures...

kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...

kernel: KVM: SVM: out-of-bounds read/write in sev_es_string_io

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State SEV-ES. A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction for example, outs or ins using the exit...

USB-based Wormable Malware Targets Windows Installer

Credit: Red Canary Wormable malware dubbed Raspberry Robin has been active since last September and is wriggling its way through USB drives onto Windows machines to use Microsoft Standard Installer and other legitimate processes to install malicious files, researchers have found. Researchers at...

The vulnerability of the X509_verify_cert() function in the OpenSSL library, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.

The vulnerability of the X509verifycert function in the OpenSSL library is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the svx_read_header() function in the audio file reading and writing library libsndfile allows a attacker to cause a service denial.

The vulnerability of the svxreadheader function in the audio file reading and writing library libsndfile is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerability of Xen hypervisors relates to the execution of a loop with an unavailable exit condition, allowing a malicious actor to cause a service failure.

The vulnerability of Xen hypervisors relates to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability allows an attacker to cause a service failure...