7 matches found
openSUSE 16 Security Update : himmelblau (openSUSE-SU-2025-20114-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20114-1 advisory. - Update to version 0.9.23+git.0.9776141: CVE-2025-59044: Fixed GID collision of same-name groups allowing privilege escalation bsc1250687...
SUSE-SU-2025:21158-1 Security update for himmelblau
This update for himmelblau fixes the following issues: - Update to version 0.9.23+git.0.9776141: CVE-2025-59044: Fixed GID collision of same-name groups allowing privilege escalation bsc1250687 depsrust: bump the all-cargo-updates group CVE-2025-58160: tracing-subscriber: Fixed log pollution...
OPENSUSE-SU-2025-20114-1 Security update for himmelblau
This update for himmelblau fixes the following issues: - Update to version 0.9.23+git.0.9776141: CVE-2025-59044: Fixed GID collision of same-name groups allowing privilege escalation bsc1250687 depsrust: bump the all-cargo-updates group CVE-2025-58160: tracing-subscriber: Fixed log pollution...
CVE-2023-40184 Improper handling of session establishment errors in xrdp
xrdp is an open source remote desktop protocol RDP server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The authstartsession function can return non-zero 1 value on, e.g., PAM error which may result in in session...
CVE-2023-40184
xrdp is an open source remote desktop protocol RDP server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The authstartsession function can return non-zero 1 value on, e.g., PAM error which may result in in session...
PT-2021-4103 · Impacket · Impacket
Name of the Vulnerable Software and Affected Versions: Impacket versions 0.9.22 and earlier Description: The issue is related to multiple path traversal vulnerabilities in the smbserver.py component of Impacket. An attacker connecting to a running smbserver instance can exploit these...
[SECURITY] [DSA-004-1] nano symlink attack
Package : nano Problem type : symlink attack Debian-specific: no The problem that was previously reported for joe also occurs with other editors. When nano a free pico clone unexpectedly dies it tries a warning message to a new file with a predictable name the name of the file being edited with...