Arbitrary Code Execution

libglusterfs.so is vulnerable to arbitrary code execution attacks. The library does not properly sanitize file paths in the trusted.io-stats-dump attribute, allowing a malicious user to create arbitrary files or execute arbitrary code...

SUSE-SU-2018:1694-1 Security update for nautilus

This update for nautilus fixes the following security issue: - CVE-2017-14604: Fixed a file type spoofing attack by adding a metadata::trusted attribute to a file once the user acknowledges the file as trusted, and also remove the 'trusted' content in the desktop file bsc1060031...