ZDI-22-808: Microsoft Windows DiagTrack Service Link Following Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...
ZDI-22-807: Microsoft Visual Studio VSIX Auto Update Deserialization of Untrusted Data Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Visual Studio. An attacker must first obtain the ability to execute low-privileged...
USN-5443-2: Linux kernel vulnerabilities
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to...
USN-5442-2: Linux kernel vulnerabilities
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to...
CVE-2021-27778
HCL Traveler is vulnerable to a cross-site scripting (XSS) caused by improper validation of the Name parameter for Approved Applications in the Traveler administration web...
DSA-5155 wpewebkit – security update
The following vulnerabilities have been discovered in the WPE WebKit web engine: Read More
DSA-5154 webkit2gtk – security update
The following vulnerabilities have been discovered in the WebKitGTK web engine: Read More
DSA-5156 firefox-esr – security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or...
USN-5454-2: CUPS vulnerabilities
USN-5454-1 fixed several vulnerabilities in CUPS. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Joshua Mason discovered that CUPS incorrectly...
USN-5451-1: InfluxDB vulnerability
Ilya Averyanov discovered that an InfluxDB vulnerability allowed attackers to bypass authentication and gain access to any known database user. Read More