Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /dev/pts/ and /dev/tty*.
Category Archives: Advisories
USN-5510-2: X.Org X Server vulnerabilities
USN-5510-1 fixed several vulnerabilities in X.Org. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain inputs. An attacker could use this issue to cause the server to
crash, resulting in a denial of service, or possibly execute arbitrary
code and escalate privileges.
USN-5510-1: X.Org X Server vulnerabilities
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain inputs. An attacker could use this issue to cause the server to
crash, resulting in a denial of service, or possibly execute arbitrary
code and escalate privileges.
USN-5503-2: GnuPG vulnerability
USN-5503-1 fixed a vulnerability in GnuPG. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Demi Marie Obenour discovered that GnuPG incorrectly handled injection in
the status message. A remote attacker could possibly use this issue to
forge signatures.
graphviz-5.0.0-1.fc37
FEDORA-2022-e715590b2d
Packages in this update:
graphviz-5.0.0-1.fc37
Update description:
Automatic update for graphviz-5.0.0-1.fc37.
Changelog
* Tue Jul 12 2022 Jaroslav Škarvada <jskarvad@redhat.com> – 5.0.0-1
– New version
Resolves: rhbz#2105006
* Sun Jul 10 2022 Elliott Sales de Andrade <quantum.analyst@gmail.com> – 4.0.0-9
– Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191,
CVE-2022-29526, CVE-2022-30629
ZDI-22-968: BMC Track-It! HTTP Module Improper Access Control Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It!. Authentication is not required to exploit this vulnerability.
ZDI-22-967: BMC Track-It! GetPopupSubQueryDetails SQL Injection Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It!. Authentication is required to exploit this vulnerability.
ZDI-22-966: Siemens Simcenter Femap X_T File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-965: Siemens Simcenter Femap NEU File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens Simcenter Femap. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
ZDI-22-964: X.Org Server ProcXkbSetGeometry Out-Of-Bounds Access Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.