CVE-2021-47366

In the Linux kernel, the following vulnerability has been resolved: afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server AFS-3 has two data fetch RPC variants, FS.FetchData and FS.FetchData64, and Linux's afs client switches between them when talking to a non-YFS server if the read...

PT-2024-4023 · Ivanti · Ivanti Secure Access Client For Linux

Name of the Vulnerable Software and Affected Versions: Ivanti Secure Access Client for Linux versions prior to 22.7R1 Description: A local privilege escalation issue allows a low-privileged user to execute code as root. The vulnerability is related to a buffer overflow in memory, which can be...

CVE-2023-28804 Linux ZCC allows unsigned updates, allowing elevated Code Execution

An Improper Verification of Cryptographic Signature vulnerability in Zscaler Client Connector on Linux allows replacing binaries.This issue affects Linux Client Connector: before 1.4.0.105...

CVE-2023-39208

Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of service via network access...

PT-2023-5208 · Zoom · Zoom Desktop Client For Linux

Name of the Vulnerable Software and Affected Versions: Zoom Desktop Client for Linux versions prior to 5.15.10 Description: The issue is related to improper input validation in the Zoom Desktop Client for Linux, which may allow an unauthenticated user to conduct a denial of service via network...

Exploit for Generation of Error Message Containing Sensitive Information in Checkpoint Ssl_Network_Extender

CVE-2021-30357CheckPointSNXVPNPoC Proof-of-Concept for pri...

Valve: Steam Deck Single Click Root Remote Code Execution

Vulnerability description not provided...

Linux Client Shortcut Key Ctrl+Alt+Enter will work as Ctrl+Alt+Delete in Linux VDA

Normally, Ctrl+Alt+Enter from a Windows Client will change xfreerdp from "Window Mode" to "Full Screen" and vice versa in a Linux VDA's ICA session. However, on a Linux Client the same shortcut key Ctrl+Alt+Enter will work as Ctrl+Alt+Delete to the application xfreerdp in a Linux VDA's ICA sessio...

JSA10616 - 2014-03 Security Bulletin: Pulse Connect Secure (PCS): Linux Network Connect client local user privilege escalation issue (CVE-2014-2292)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. A privilege escalation issue has been found and corrected in the Linux Network Connect client. This issue could allow a non-root user to escalate their access to root privileges on a...

Citrix Workspace App For Linux 2212 Credential Leak Vulnerability

The Citrix Linux client emits its session credentials when starting a Citrix session. These credentials end up being recorded in the client's system log. Citrix does not consider this to be a security vulnerability. Citrix Workspace App for Linux versions 2212 is affected. Citrix Linux client...

Hotkey "CTRL+Break" does not work on Windows VDA through Citrix Workspace app for Linux Clients

The CTRL+Break hotkey does not work if we launch a Windows VDA session from a Citrix Workspace for Linux client. Steps to reproduce the issue 1. Open the Windows Command Prompt in the Windows VDA session from Citrix Workspace for Linux client. 2. Run the "ping -t google.com" command 3. Press the...

GlobalProtect-Openconnect 安全漏洞

GlobalProtect-Openconnect is a GlobalProtect VPN client GUI for Linux based on OpenConnect and built with Qt5 to support SAML authentication mode. A security vulnerability exists in GlobalProtect-Openconnect, which is caused by GlobalProtect-Openconnect being set up in a way that allows an...

Pulse Secure Desktop Client (Linux) Buffer Overflow Vulnerability

Pulse Secure Linux Desktop Client is a suite of Linux-based client software from Pulse Secure, Inc. for accessing end devices on Juniper Pulse Secure gateways. A buffer overflow vulnerability exists in Pulse Secure Desktop Client Linux versions prior to 9.1R9. A local attacker could exploit this...

Pulse Secure Desktop Client Client Registry Elevation of Privilege Vulnerability

Pulse Secure Desktop Client is scalable, multi-service network client that supports integrated connectivity and secure location-aware network access. A client registry privilege escalation vulnerability exists in Pulse Secure Desktop Client Linux versions prior to 9.1R9, which originates in the...

CVE-2020-8250

A vulnerability in the Pulse Secure Desktop Client Linux 9.1R9 could allow local attackers to escalate privilege...

CVE-2020-8248

A vulnerability in the Pulse Secure Desktop Client Linux 9.1R9 could allow local attackers to escalate privilege...

CVE-2020-15590

A vulnerability in the Private Internet Access PIA VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel” OpenVPN bypass option. Th...

DEBIAN-CVE-2020-8227

Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory...

UBUNTU-CVE-2020-8227

Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicated sync directory...

Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28

Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware as a sub-process of a trusted...