Post Archive

Post tagged #CVE:

• oath-toolkit: privilege escalation in pam_oath.so (CVE-2024-47191) - Oct 4, 2024
• pcp: pmcd network daemon review (CVE-2024-45769), (CVE-2024-45770) - Sep 18, 2024
• gnome-remote-desktop: D-Bus system service in GNOME release 46 (CVE-2024-5148) - May 22, 2024
• dnf5daemon-server: Incomplete fix of CVE-2024-1929 (CVE-2024-2746) - Apr 3, 2024
• dnf5daemon-server: Local root Exploit and Local Denial-of-Service in dnf5 D-Bus Components - Mar 4, 2024
• Performance Co-Pilot (pcp): Unsafe use of Directories in /var/lib/pcp and /var/log/pcp breaks pcp Service User Isolation (CVE-2023-6917) - Feb 27, 2024
• darkhttpd: timing attack and local leak of HTTP basic auth credentials - Jan 22, 2024
• pam: pam_namespace misses O_DIRECTORY flag in protect_dir() (CVE-2024-22365) - Jan 19, 2024
• budgie-extras: Multiple Predictable /tmp Path Issues in Various Applications - Dec 14, 2023
• File Descriptor Hijack vulnerability in open-vm-tools (CVE-2023-34059) - Oct 27, 2023
• check_smart.pl: unprivileged user can alter hard drive settings (CVE-2021-42257) - Oct 14, 2021

Post tagged #local:

• oath-toolkit: privilege escalation in pam_oath.so (CVE-2024-47191) - Oct 4, 2024
• gnome-remote-desktop: D-Bus system service in GNOME release 46 (CVE-2024-5148) - May 22, 2024
• dnf5daemon-server: Incomplete fix of CVE-2024-1929 (CVE-2024-2746) - Apr 3, 2024
• KDE6 release: D-Bus and Polkit Galore - Apr 2, 2024
• dnf5daemon-server: Local root Exploit and Local Denial-of-Service in dnf5 D-Bus Components - Mar 4, 2024
• Performance Co-Pilot (pcp): Unsafe use of Directories in /var/lib/pcp and /var/log/pcp breaks pcp Service User Isolation (CVE-2023-6917) - Feb 27, 2024
• Security Issues in Passim Local Caching Server - Oct 27, 2023
• check_smart.pl: unprivileged user can alter hard drive settings (CVE-2021-42257) - Oct 14, 2021

Post tagged #sudo:

• check_smart.pl: unprivileged user can alter hard drive settings (CVE-2021-42257) - Oct 14, 2021

Post tagged #tmpfiles:

• budgie-extras: Multiple Predictable /tmp Path Issues in Various Applications - Dec 14, 2023
• hplip: Security Issues in hpps Program due to Fixed /tmp Path Usage - Nov 23, 2023

Post tagged #pam:

• pam: pam_namespace misses O_DIRECTORY flag in protect_dir() (CVE-2024-22365) - Jan 19, 2024

Post tagged #remote:

• pcp: pmcd network daemon review (CVE-2024-45769), (CVE-2024-45770) - Sep 18, 2024
• darkhttpd: timing attack and local leak of HTTP basic auth credentials - Jan 22, 2024

Post tagged #D-Bus:

• gnome-remote-desktop: D-Bus system service in GNOME release 46 (CVE-2024-5148) - May 22, 2024
• dnf5daemon-server: Incomplete fix of CVE-2024-1929 (CVE-2024-2746) - Apr 3, 2024
• KDE6 release: D-Bus and Polkit Galore - Apr 2, 2024
• dnf5daemon-server: Local root Exploit and Local Denial-of-Service in dnf5 D-Bus Components - Mar 4, 2024

Post tagged #KDE:

• KDE6 release: D-Bus and Polkit Galore - Apr 2, 2024

Post tagged #Polkit:

• KDE6 release: D-Bus and Polkit Galore - Apr 2, 2024

Post tagged #spotlight:

• SUSE Security Team Spotlight Summer 2024 - Aug 13, 2024

Post tagged #PAM:

• oath-toolkit: privilege escalation in pam_oath.so (CVE-2024-47191) - Oct 4, 2024

Post tagged #symlink:

• oath-toolkit: privilege escalation in pam_oath.so (CVE-2024-47191) - Oct 4, 2024