#linux

An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1393: A flaw was found in X.Org Server Overlay Window. A Use-After-Free may lead to local privilege escalation. If a client explicitly destroys the compositor overlay window (aka COW), the Xserver would leave a dangling pointer to that window in the CompScreen structure, which will trigger a use-after-free later.

GLPI Cartography versions prior to 6.0.0 suffers from a remote shell upload vulnerability.

GLPI versions 10.0.0 through 10.0.2 suffer from a remote SQL injection vulnerability that can lead to remote code execution.

GLPI Activity versions prior to 3.1.0 suffer from a local file inclusion vulnerability.

GLPI Glpiinventory versions 1.0.1 and below suffer from a local file inclusion vulnerability.

GLPI Manageentities versions prior to 4.0.2 suffer from a local file inclusion vulnerability.

Roxy WI version 6.1.1.0 suffers from an unauthenticated remote code execution vulnerability.

Roxy WI version 6.1.0.0 suffers from an unauthenticated remote code execution vulnerability.

Sleuthkit version 4.11.1 suffers from a command injection vulnerability.

Roxy WI version 6.1.0.0 suffers from an improper authentication control vulnerability.