9 matches found
OESA-2026-2214 xdg-dbus-proxy security update
xdg-dbus-proxy is a filtering proxy for D-Bus connections. It was originally part of the flatpak project, but it has been broken out as a standalone module to facilitate using it in other contexts. Security Fixes: xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy...
[SECURITY] [DSA 6224-1] xdg-dbus-proxy security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6224-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 22, 2026 https://www.debian.org/security/faq -...
[SECURITY] [DLA 4542-1] xdg-dbus-proxy security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4542-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 21, 2026 https://wiki.debian.org/LTS -...
CVE-2026-34080 xdg-dbus-proxy has an eavesdrop filter bypass allowing message interception
xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases. Client...
CVE-2026-34080 xdg-dbus-proxy has an eavesdrop filter bypass allowing message interception
xdg-dbus-proxy is a filtering proxy for D-Bus connections. Prior to 0.1.7, a policy parser vulnerability allows bypassing eavesdrop restrictions. The proxy checks for eavesdrop=true in policy rules but fails to handle eavesdrop ='true' with a space before the equals sign and similar cases. Client...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004427)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004427 advisory. An issue was discovered in the Linux kernel through 5.6.2. mpolparsestr in mm/mempolicy.c has a stack- based out-of-bounds write because an empty nodelist is...
CVE-2023-53369
In the Linux kernel, the following vulnerability has been resolved: net: dcb: choose correct policy to parse DCBATTRBCN The dcbnlbcnsetcfg uses erroneous policy to parse tbDCBATTRBCN, which is introduced in commit 859ee3c43812 "DCB: Add support for DCB BCN". Please see the comment in below code...
USN-6312-1 linux-gke, linux-ibm-5.4 vulnerabilities
It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service infinite recursion. CVE-2020-36691 Billy Jheng Bing Jhong discovered that the CIFS network...
SUSE CVE-2010-3636
Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Solaris, and 10.1.95.1 on Android, does not properly handle unspecified encodings during the parsing of a cross-domain policy file, which allows remote web servers to bypass intended access restrictio...