ASB-A-318683640

In setForceHideNonSystemOverlayWindowIfNeeded of WindowState.java, there is a possible way for message content to be visible on the screensaver while lock screen visibility settings are restricted by the user due to a logic error in the code. This could lead to local escalation of privilege with ...

[SECURITY] Fedora 34 Update: rss-glx-0.9.1.p-50.fc34

A port of the Really Slick Screensavers to GLX. Provides several visually impressive and graphically intensive screensavers. Note that this package contains only the display hacks themselves; you will need to install the appropriate subpackage for your desktop environment in order to use them as...

Fedora: Security Advisory for rss-glx (FEDORA-2021-b58af96f33)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for rss-glx (FEDORA-2021-df1fa3d3e0)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 35 Update: rss-glx-0.9.1.p-50.fc35

A port of the Really Slick Screensavers to GLX. Provides several visually impressive and graphically intensive screensavers. Note that this package contains only the display hacks themselves; you will need to install the appropriate subpackage for your desktop environment in order to use them as...

Persistence – Screensaver

Screensavers are part of Windows functionality and enable users to put a screen message or a graphic animation after a period of inactivity. This feature of Windows it is known to be abused by threat actors as a method of persistence. This is because screensavers are executable files that have th...

[SECURITY] Fedora 25 Update: rss-glx-0.9.1.p-27.fc25.1

A port of the Really Slick Screensavers to GLX. Provides several visually impressive and graphically intensive screensavers. Note that this package contains only the display hacks themselves; you will need to install the appropriate subpackage for your desktop environment in order to use them as...

[SECURITY] Fedora 26 Update: rss-glx-0.9.1.p-29.fc26.1

A port of the Really Slick Screensavers to GLX. Provides several visually impressive and graphically intensive screensavers. Note that this package contains only the display hacks themselves; you will need to install the appropriate subpackage for your desktop environment in order to use them as...

JVN#41185163: Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE may insecurely load Dynamic Link Libraries

Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Impact This vulnerability can be exploited when the following condition is met. If this vulnerabilit...

Desktop Linux Password Stealer / Privilege Escalation Exploit

This Metasploit module steals the user password of an administrative user on a desktop Linux system when it is entered for unlocking the screen or for doing administrative actions using policykit. Then it escalates to root privileges using sudo and the stolen user password. It exploits the design...

Desktop Linux Password Stealer and Privilege Escalation

This module steals the user password of an administrative user on a desktop Linux system when it is entered for unlocking the screen or for doing administrative actions using PolicyKit. Then, it escalates to root privileges using sudo and the stolen user password. It exploits the design weakness...

Holiday Season Phishing Scams and Malware Campaigns

As the winter holidays approach, US-CERT reminds users to stay aware of seasonal scams and cyber campaigns, which may include: electronic greeting cards that may contain malware requests for charitable contributions that may be phishing scams and may originate from illegitimate sources claiming t...

Fedora 7 : xorg-x11-server-1.3.0.0-16.fc7 (2008-0956)

When enabling the 'unredirect fullscreen windows' option, compiz will unredirect fullscreen windows to improve performace. However, unredirecting will as a side effect break any grabs on that window, which compromises most screensavers. This X server update suppresses this unintended side effect...

Fedora 8 : xorg-x11-server-1.3.0.0-40.fc8 (2008-0930)

When enabling the 'unredirect fullscreen windows' option, compiz will unredirect fullscreen windows to improve performace. However, unredirecting will as a side effect break any grabs on that window, which compromises most screensavers. This X server update suppresses this unintended side effect...

[SECURITY] Fedora 7 Update: rss-glx-0.8.1.p-15.fc7

A port of the Really Slick Screensavers to GLX. Provides several visually impressive and graphically intensive screensavers. Note that this package contains only the display hacks themselves; you will need to install the appropriate subpackage for your desktop environment in order to use them as...

Moderate: Red Hat Security Advisory: xscreensaver security update

An updated xscreensaver package that fixes a security flaw is now available for Red Hat Enterprise Linux 2.1, 3, and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. XScreenSaver is a collection of screensavers. Alex Yamauchi discovered a fla...

CVE-2003-0885

Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the 1 apple2, 2 xanalogtv, and 3 pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack...

CVE-1999-1269

CVE-1999-1269 affects KDE beta 3 screen savers. The root cause is a symlink attack on the .kss.pid file, allowing local users to overwrite arbitrary files. Exploitation details are not provided in the connected documents, and no remediation/patch information is included here.