DEBIAN-CVE-2021-44141

All versions of Samba prior to 4.15.5 are vulnerable to a malicious client using a server symlink to determine if a file or directory exists in an area of the server file system not exported under the share definition. SMB1 with unix extensions has to be enabled in order for this attack to succee...

PT-2022-9181 · Gnome +1 · Gnome Shell +1

Name of the Vulnerable Software and Affected Versions: gnome-shell versions affected versions not specified Description: A locking protection bypass flaw was found in gnome-shell, allowing a physical attacker with access to a locked system to kill existing applications and start new ones as the...

xmlrpc: Deserialization of untrusted Java object through <ex:serializable> tag

A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that deserializes untrusted data when enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in a element...