Post Archive
Post tagged #CVE:
- tuned: local root exploit in D-Bus method instance_create and other issues in tuned >= 2.23 (CVE-2024-52336, CVE-2024-52337) - Nov 26, 2024
- authentik: remote timing attack in MetricsView HTTP Basic Auth (CVE-2024-52307) - Nov 26, 2024
- oath-toolkit: privilege escalation in pam_oath.so (CVE-2024-47191) - Oct 4, 2024
- pcp: pmcd network daemon review (CVE-2024-45769), (CVE-2024-45770) - Sep 18, 2024
- gnome-remote-desktop: D-Bus system service in GNOME release 46 (CVE-2024-5148) - May 22, 2024
- dnf5daemon-server: Incomplete fix of CVE-2024-1929 (CVE-2024-2746) - Apr 3, 2024
- dnf5daemon-server: Local root Exploit and Local Denial-of-Service in dnf5 D-Bus Components - Mar 4, 2024
- Performance Co-Pilot (pcp): Unsafe use of Directories in /var/lib/pcp and /var/log/pcp breaks pcp Service User Isolation (CVE-2023-6917) - Feb 27, 2024
- darkhttpd: timing attack and local leak of HTTP basic auth credentials - Jan 22, 2024
- pam: pam_namespace misses O_DIRECTORY flag in protect_dir() (CVE-2024-22365) - Jan 19, 2024
- budgie-extras: Multiple Predictable /tmp Path Issues in Various Applications - Dec 14, 2023
- File Descriptor Hijack vulnerability in open-vm-tools (CVE-2023-34059) - Oct 27, 2023
- check_smart.pl: unprivileged user can alter hard drive settings (CVE-2021-42257) - Oct 14, 2021
Post tagged #local:
- stalld: unpatched fixed temporary file use and other issues - Nov 29, 2024
- tuned: local root exploit in D-Bus method instance_create and other issues in tuned >= 2.23 (CVE-2024-52336, CVE-2024-52337) - Nov 26, 2024
- oath-toolkit: privilege escalation in pam_oath.so (CVE-2024-47191) - Oct 4, 2024
- gnome-remote-desktop: D-Bus system service in GNOME release 46 (CVE-2024-5148) - May 22, 2024
- dnf5daemon-server: Incomplete fix of CVE-2024-1929 (CVE-2024-2746) - Apr 3, 2024
- KDE6 release: D-Bus and Polkit Galore - Apr 2, 2024
- dnf5daemon-server: Local root Exploit and Local Denial-of-Service in dnf5 D-Bus Components - Mar 4, 2024
- Performance Co-Pilot (pcp): Unsafe use of Directories in /var/lib/pcp and /var/log/pcp breaks pcp Service User Isolation (CVE-2023-6917) - Feb 27, 2024
- Security Issues in Passim Local Caching Server - Oct 27, 2023
- check_smart.pl: unprivileged user can alter hard drive settings (CVE-2021-42257) - Oct 14, 2021
Post tagged #D-Bus:
- tuned: local root exploit in D-Bus method instance_create and other issues in tuned >= 2.23 (CVE-2024-52336, CVE-2024-52337) - Nov 26, 2024
- gnome-remote-desktop: D-Bus system service in GNOME release 46 (CVE-2024-5148) - May 22, 2024
- dnf5daemon-server: Incomplete fix of CVE-2024-1929 (CVE-2024-2746) - Apr 3, 2024
- KDE6 release: D-Bus and Polkit Galore - Apr 2, 2024
- dnf5daemon-server: Local root Exploit and Local Denial-of-Service in dnf5 D-Bus Components - Mar 4, 2024
Post tagged #spotlight:
- SUSE Security Team Spotlight Autumn 2024 - Dec 9, 2024
- SUSE Security Team Spotlight Summer 2024 - Aug 13, 2024