20 matches found
Astra Linux – Vulnerability in Linux, Linux 5.10
The drivers/block/floppy.c file in the Linux kernel before version 5.17.6 is vulnerable to a denial-of-service attack due to a concurrency issue after deallocating rawcmd in the rawcmdioctl function...
CVE-2026-24930
UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability...
PT-2026-6704
Name of the Vulnerable Software and Affected Versions versions prior to 2026 affected versions not specified Description A use-after-free UAF concurrency vulnerability exists within the graphics module. Successful exploitation of this issue may impact system availability. Recommendations At the...
EUVD-2022-24938
Malicious code in bioql PyPI...
EUVD-2022-37015
Malicious code in bioql PyPI...
The vulnerability of the Concurrency component of Oracle GraalVM Enterprise Edition and the Oracle Java SE software platform allows a hacker to trigger a service failure.
The vulnerability of the Concurrency component in Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK, and the Oracle Java SE software platform is related to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service failures...
CVE-2023-50448
In ActiveAdmin aka Active Admin before 2.12.0, a concurrency issue allows a malicious actor to access potentially private data that belongs to another user by making CSV export requests at certain specific times...
PT-2023-31554 · Unknown · Activeadmin
Name of the Vulnerable Software and Affected Versions: ActiveAdmin versions prior to 2.12.0 Description: A concurrency issue in ActiveAdmin allows a malicious actor to access potentially private data belonging to another user by making CSV export requests at specific times. The issue is caused by...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-2873)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled
A flaw was found in Wildfly, where it returns an incorrect caller principal under certain heavily concurrent situations when Elytron Security is used. This flaw allows an attacker to gain improper access to information they should not have...
SUSE SLES12 Security Update : kernel (Live Patch 26 for SLE 12 SP4) (SUSE-SU-2022:3373-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3373-1 advisory. This update for the Linux Kernel 4.12.14-9596 fixes several issues. The following security issues were fixed: - CVE-2022-39188: Fixed a race...
wildfly: Wildfly management of EJB Session context returns wrong caller principal with Elytron Security enabled
A flaw was found in Wildfly, where it returns an incorrect caller principal under certain heavily concurrent situations when Elytron Security is used. This flaw allows an attacker to gain improper access to information they should not have...
PT-2022-3466 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is caused by a concurrency use-after-free flaw in the bad flp intr function, allowing a local attacker to execute arbitrary code on the system or cause a denial of service...
Updated java-1.8.0-openjdk packages fix security vulnerabilities
The updated packages fix several bugs and some security issues: Missing restrictions on use of custom SocketImpl Networking, 8218573. CVE-2019-2945 Improper handling of Kerberos proxy credentials Kerberos, 8220302. CVE-2019-2949 NULL pointer dereference in DrawGlyphList 2D, 8222690. CVE-2019-2962...
Samsung fimg2d - FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw
Samsung fimg2d - FIMG2DBITBLTBLIT ioctl Concurrency Flaw Source: https://code.google.com/p/google-security-research/issues/detail?id=492 The Samsung Graphics 2D driver /dev/fimg2d is accessible by unprivileged users/applications. It was found that the ioctl implementation for this driver contains...
Samsung fimg2d - FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw
Source: https://code.google.com/p/google-security-research/issues/detail?id=492 The Samsung Graphics 2D driver /dev/fimg2d is accessible by unprivileged users/applications. It was found that the ioctl implementation for this driver contains a locking error which can lead to memory errors such as...
OpenJDK: Executors state handling issues (Concurrency, 7189103)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Concurrency...
OpenJDK: AtomicReferenceArray insufficient array type check (Concurrency, 7082299)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE:...
security flaw
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads...
security flaw
Concurrency vulnerability in Mozilla Firefox 1.5.0.6 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via multiple Javascript timed events that load a deeply nested XML file, followed by redirecting the browser to another page, which leads...