CVE-2025-65199 Windscribe for Linux 'changeMTU' local privilege escalation

A command injection vulnerability exists in Windscribe for Linux Desktop App that allows a local user who is a member of the windscribe group to execute arbitrary commands as root via the 'adapterName' parameter of the 'changeMTU' function. Fixed in Windscribe v2.18.3-alpha and v2.18.8...

EUVD-2023-29922

Malicious code in bioql PyPI...

CVE-2021-29449

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. Multiple privilege escalation vulnerabilities were discovered in version 5.2.4 of Pi-hole core. See the referenced GitHub security advisory for details...

CVE-2019-10044

Telegram Desktop before 1.5.12 on Windows, and the Telegram applications for Android, iOS, and Linux, is vulnerable to an IDN homograph attack when displaying messages containing URLs. This occurs because the application produces a clickable link even if for example Latin and Cyrillic characters...

Zoom Workplace App for Linux Elevation of Privilege Vulnerability

Zoom Workplace App for Linux is an application for enterprise communication and collaboration, offering features such as video conferencing, online meetings, chat and mobile collaboration. An elevation of privilege vulnerability exists in Zoom Workplace App for Linux, which stems from the...

CVE-2025-0143

Out-of-bounds write in the Zoom Workplace App for Linux before version 6.2.5 may allow an unauthorized user to conduct a denial of service via network access...

CVE-2024-42472 Flatpak may allow access to files outside sandbox for certain apps

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

CVE-2024-42472

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

Updating Expired DigiCertSHA2SecureServerCA Certificate in Citrix Workspace app for Linux

Users may face issues while connecting to an HDX session...

Oracle Linux 8 : flatpak-builder (ELSA-2022-7458)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-7458 advisory. - Fix CVE-2022-21682 2042007 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

CVE-2022-21682

Flatpak is a Linux application sandboxing and distribution framework. A path traversal vulnerability affects versions of Flatpak prior to 1.12.3 and 1.10.6. flatpak-builder applies finish-args last in the build. At this point the build directory will have the full access that is specified in the...

CVE-2021-43860

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there's a...

Sniffjoke 0.4.1 - Anti-sniffing Framework & Tool For Session Scrambling

Sniffjoke 0.4.1 - Anti-sniffing Framework & Tool For Session Scrambling SniffJoke is an application for Linux that handle transparently your TCP connection, delaying, modifying and injecting fake packets inside your transmission, make them almost impossible to be correctly read by a passive...

Maelstrom Server 3.0.x - Argument Buffer Overflow (3)

Maelstrom Server 3.0.x - Argument Buffer Overflow 3 // source: https://www.securityfocus.com/bid/7630/info Maelstrom for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it ...