Matrix Synapse Improper Signature Validation

Matrix Synapse before 0.33.3.1 and 0.33.2.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation...

CVE-2022-0317 Improper Input Validation in AKPublic.Verify in go-attestation

An improper input validation vulnerability in go-attestation before 0.3.3 allows local users to provide a maliciously-formed Quote over no/some PCRs, causing AKPublic.Verify to succeed despite the inconsistency. Subsequent use of the same set of PCR values in Eventlog.Verify lacks the...

CVE-2018-16515

Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation...

CVE-2018-16515

Matrix Synapse prior to 0.33.3.1 is vulnerable to remote spoofing of events due to improper transaction and event signature validation. The issue affects Matrix Synapse kernels where an attacker could spoof events and possibly trigger unspecified impacts. Remediation is to upgrade to version 0.33...

openSUSE Security Update : libcgroup-devel (openSUSE-SU-2011:0316-1)

libcgroup suffered from a heap based buffer overflow CVE-2011-1006. The cgrulesengd daemon did not verify the origin of netlink messages, allowing local users to spoof events CVE-2011-1022. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...