13 matches found
MiracleLinux 7 : tigervnc-1.3.1-3.el7 (AXSA:2015-910:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-910:01 advisory. Virtual Network Computing (VNC) is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it ...
SoftIron HyperCloud Security Vulnerability
SoftIron HyperCloud is an intelligent cloud architecture from SoftIron. A security vulnerability exists in SoftIron HyperCloud versions 2.5.0 through 2.6.3 that stems from incorrectly adding a user SSH key to an administrator-level authorization key, which could lead to unauthorized elevation of...
CVE-2024-52600
Statamic is a Laravel and Git powered content management system (CMS). Prior to version 5.17.0, assets uploaded with appropriately crafted filenames may result in them being placed in a location different than what was configured. The issue affects front-end forms with assets fields and other plac...
The vulnerability of the macro-defined ARCH_DMA_MINALIGN in the Linux operating system on the PA-RISC platform allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the macro definition ARCH_DMA_MINALIGN in the arch/parisc/include/asm/cache.h file of the Linux operating system’s kernel on the PA-RISC platform is related to incorrect object placement in the cache. Exploiting this vulnerability could allow an attacker to compromise the...
The vulnerability of the DeviceHandler component of the cross-platform Xen hypervisor for Linux operating systems allows a perpetrator to escalate their privileges.
The vulnerability of the DeviceHandler component in the cross-platform hypervisor Xen of the Linux operating system is related to the incorrect placement of the preprocessor directive in the source code. Exploiting this vulnerability can allow an attacker to increase their privileges...
CVE-2024-25620
Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. When either the Helm client or SDK is used to save a chart whose name within the Chart.yaml file includes a relative path change, the chart would be saved outside its expected directory based on the...
A path traversal vulnerability exists in the SFTP implementation of curl <8.0.0 that causes the tilde (~) character to be wrongly replaced when used as a prefix in the first path element, in addition to its intended use as the first element to indicate a path relative to the user's home directory. Attackers can exploit this flaw to bypass filtering or execute arbitrary code by crafting a path like /~2/foo while accessing a server with a specific user.
...
SUSE CVE-2018-17476
Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page...
The vulnerability of the powerdevil utility in the Astra Linux operating system allows a hacker to trigger a service failure.
The vulnerability of the powerdevil utility in the Astra Linux operating system is related to errors in processing the power button press after the monitor exits sleep mode, resulting in incorrect positioning of interface elements. Exploiting this vulnerability can allow an intruder to cause a...
chromium-browser: Security UI occlusion in full screen mode
Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page...
Scientific Linux Security Update : tigervnc on SL7.x x86_64 (20151119)
An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way TigerVNC handled screen sizes. A malicious VNC server could use this flaw to cause a client to crash or, potentially, execute arbitrary code on the client. (CVE-2014-8240) A NULL pointer dereference flaw was fou...
Moderate: Red Hat Security Advisory: tigervnc security, bug fix, and enhancement update
Updated tigervnc packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give...
Certain characters can obscure the page address
When a page address contains certain characters, they can cause the page address text to be misplaced. In some cases, this could make characters be indistinguishable from each other, allowing some site addresses to look like other site addresses...