CVE-2022-41582

The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability...

Design/Logic Flaw

A flaw was found in Caribou due to a regression of CVE-2020-25712 fix. An attacker could use this flaw to bypass screen-locking applications that leverage Caribou as an input mechanism. The highest threat from this vulnerability is to system availability...

Cross site request forgery (csrf)

A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability...

Out-of-bounds

A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivexopen function. An attacker could input a specially crafted Windows Registry hive file which would cause hivex to read memory beyond its normal bounds or cause the program to...

CVE-2020-27846

A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVE-2020-25652

A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in /run/spice-vdagentd/spice-vdagent-sock. Any unprivileged local guest user could use this flaw to prevent legitimate agents from connecting to th...