USN-8091-1: util-linux vulnerability

It was discovered that the util-linux su utility did not drop capabilities when being used with the --pty option. While not a security issue by itself, a local attacker could possibly use the su tool to exploit vulnerabilities in other applications...

CVE-2025-64696

Android App "Brother iPrint&Scan" versions 6.13.7 and earlier improperly uses an external cache directory. If exploited, application-specific files may be accessed from other malicious applications...

CVE-2024-42192

HCL Traveler for Microsoft Outlook HTMO is susceptible to a credential leakage which could allow an attacker to access other computers or applications...

[SECURITY] Fedora 36 Update: cobbler-3.3.1-1.fc36

Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. The last two modes use a helper tool, 'koan', that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors,...

Multiple SHARP Android devices vulnerable to information disclosure

Overview Multiple SHARP Android devices contain an information disclosure vulnerability CWE-200. Impact Sensitive information of the device may be obtained by the other android application installed in the device. Solution Update the Firmware Update the firmware to the latest version according to...

Xiaomi Mi Mix has an unspecified vulnerability

The Xiaomi Mi Mix is a smartphone from Chinese company Xiaomi Technology Xiaomi. A security vulnerability exists in Xiaomi Mi Mix build fingerprint: Xiaomi/lithium/lithium:6.0.1/MXB48T/7.1.5:user/release-keys in Xiaomi/lithium/lithium:6.0.1/MXB48T/7.1 A security vulnerability exists in...

PT-2018-16356 · Signal · Signal Messenger For Android

Name of the Vulnerable Software and Affected Versions: Signal Messenger for Android version 4.24.8 Description: The issue may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in...

Vulnerability in client (CVE-2018-1058)

Uncontrolled search path element in pgdump and other client applications...

Directory traversal

Directory traversal vulnerability in the GREE application before 1.3.3 for Android allows remote attackers to obtain sensitive information via a crafted URL, which is not properly handled during interaction with other applications...

ATOK for Android issue in the access permissions for the learning information file

Overview ATOK for Android provided by JUST Systems, contains an issue in the access permissions for the learning information file. ATOK for Android provided by JUST Systems contains an issue where another application may access the learning information file which stores user input strings. Gaku...

DEBIAN-CVE-2006-6107

Unspecified vulnerability in the matchruleequal function in bus/signals.c in D-Bus before 1.0.2 allows local applications to remove match rules for other applications and cause a denial of service lost process messages...