2566 matches found

CNNVD
added 2024/02/22 12:0 a.m. | 4 views

Apache Answer Race Condition Vulnerability

Apache Answer is a community platform of the Apache USA Foundation. Apache Answer 1.2.1 and prior versions suffer from a race condition vulnerability, which arises from improper handling of concurrent access when concurrent code requires mutually exclusive access to shared resources during...

CVSS 5.9 | AI score 7 | EPSS 0.00895
Exploits: 0 | References: 3
Tenable Nessus
added 2024/02/21 12:0 a.m. | 21 views

SUSE SLES12: postgresql13 / postgresql13-contrib / postgresql13-devel / etc (SUSE-SU-2024:0541-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0541-1 advisory. Upgrade to 13.14: - CVE-2024-0985: Tighten security restrictions within REFRESH MATERIALIZED VIEW CONCURRENTLY bsc1219679. Tenable has...

CVSS 8 | AI score 7.2 | EPSS 0.01465
Exploits: 0 | References: 4
GithubExploit
added 2024/02/19 2:29 a.m. | 354 views

Exploit for Path Traversal in Jenkins

CVE-2024-23897: Jenkins Arbitrary File Read Vulnerability Lead...

CVSS 9.8 | AI score 10 | EPSS 0.99999
Exploits: 46
GithubExploit
added 2024/02/14 12:47 p.m. | 383 views

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845 This script provides an automated Proof of C...

CVSS 9.8 | AI score 9.8 | EPSS 0.93546
Exploits: 25
FreeBSD
added 2024/02/08 12:0 a.m. | 37 views

postgresql-server -- non-owner REFRESH MATERIALIZED VIEW CONCURRENTLY executes arbitrary SQL

PostgreSQL Project reports: One step of a concurrent refresh command was run under weak security restrictions. If a materialized view's owner could persuade a superuser or other high-privileged user to perform a concurrent refresh on that view, the view's owner could control code executed with th...

CVSS 8 | AI score 7.7 | EPSS 0.01465
Exploits: 0 | References: 1
Citrix
added 2024/02/05 12:0 a.m. | 7 views

No License consumption after changing the License type

After changing the License type to concurrent, the Licenses were not consumed. License usage showed as 0 Used...

AI score 7.1
Exploits: 0
BDU FSTEC
added 2024/01/31 12:0 a.m. | 5 views

The vulnerability of the amdgpu_cs_wait_all_fences() function in the drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c driver for AMD Radeon graphics cards in the Linux operating system allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the amdgpu_cs_wait_all_fences function in the drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c driver for AMD Radeon graphics cards in the Linux operating system is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability...

CVSS 7.8 | AI score 6.3 | EPSS 0.00321
Exploits: 0 | References: 16 | Affected Software: 4
Exploit DB
added 2024/01/31 12:0 a.m. | 482 views

Proxmox VE - TOTP Brute Force

Exploit Title: Proxmox VE TOTP Brute Force Date: 09/23/2023 Exploit Author: Cory Cline, Gabe Rust Vendor Homepage: https://www.proxmox.com/en/ Software Link: http://download.proxmox.com/iso/ Version: 5.4 - 7.4-1 Tested on: Debian CVE : CVE-2023-43320 import time import requests import urllib.pars...

CVSS 8.8 | AI score 8.9 | EPSS 0.0099
Exploits: 3
NVD
added 2024/01/12 1:15 a.m. | 15 views

CVE-2024-21601

A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Flow-processing Daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On SRX Series devices when t...

CVSS 5.9 | AI score 5.8 | EPSS 0.00454
Exploits: 0 | References: 2
Prion
added 2024/01/12 1:15 a.m. | 23 views

Race condition

A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in the Flow-processing Daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). On SRX Series devices when t...

CVSS 2.6 | AI score 7.3 | EPSS 0.00454
Exploits: 0 | References: 2 | Affected Software: 1
OSV
added 2024/01/10 9:30 a.m. | 13 views

GHSA-F899-4MR4-FQPV Apache Answer Race Condition vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarke...

CVSS 3.1 | AI score 3.6 | EPSS 0.00891
Exploits: 0 | References: 4
OSV
added 2024/01/10 9:15 a.m. | 17 views

CVE-2023-49619

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarke...

CVSS 3.1 | AI score 4.1
Exploits: 0 | References: 2
Prion
added 2024/01/10 9:15 a.m. | 16 views

Race condition

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarke...

CVSS 2.1 | AI score 7.1 | EPSS 0.00891
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2024/01/10 8:25 a.m. | 19 views

CVE-2023-49619 Apache Answer: Repeated submissions using scripts resulted in an abnormal number of collections for questions.

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') vulnerability in Apache Answer. This issue affects Apache Answer: through 1.2.0. Under normal circumstances, a user can only bookmark a question once, and will only increase the number of questions bookmarke...

AI score 4.3 | EPSS 0.00891
Exploits: 0 | References: 2
BDU FSTEC
added 2024/01/09 12:0 a.m. | 6 views

The vulnerability of the do_vcc_ioctl() function in the net/atm/ioctl.c module, which implements the ATM network protocol in the Linux operating system’s kernel, allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the do_vcc_ioctl function in the net/atm/ioctl.c module, which implements the ATM network protocol in the Linux operating system, is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attack...

CVSS 7.1 | AI score 6.3 | EPSS 0.00515
Exploits: 0 | References: 15 | Affected Software: 4
BDU FSTEC
added 2024/01/09 12:0 a.m. | 7 views

The vulnerability of the atalk_ioctl() function in the net/appletalk/ddp.c module, which is part of the AppleTalk protocol implementation in the Linux kernel, allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the atalk_ioctl function in the net/appletalk/ddp.c module, which implements the AppleTalk protocol in the Linux kernel, is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to...

CVSS 7 | AI score 6.3 | EPSS 0.0031
Exploits: 0 | References: 14 | Affected Software: 3
BDU FSTEC
added 2024/01/09 12:0 a.m. | 7 views

The vulnerability of the bt_sock_recvmsg() function in the net/bluetooth/af_bluetooth.c module of the Linux kernel Bluetooth driver allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the bt_sock_recvmsg function in the net/bluetooth/af_bluetooth.c module of the Linux kernel’s Bluetooth driver is related to the reallocation of previously freed memory due to concurrent access to resources. Exploiting this vulnerability could allow an attacker to compromise the...

CVSS 10 | AI score 6.3 | EPSS 0.0026
Exploits: 0 | References: 14 | Affected Software: 5
OSV
added 2023/12/21 8:15 p.m. | 11 views

AZL-32284 CVE-2023-6546 affecting package kernel for versions less than 5.15.148.1-1

A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOCSETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting th...

CVSS 7 | AI score 6.6 | EPSS 0.00767
Exploits: 0 | References: 1
Veracode
added 2023/11/29 10:12 a.m. | 18 views

Denial Of Service (DoS)

apachesuperset is vulnerable to Denial Of Service (DoS). The vulnerability is caused by a lack of rate limiting in the API and dashboard functionalities. An attacker with authenticated access could exploit this vulnerability by initiating multiple concurrent requests for dashboard exports. This can...

CVSS 6.5 | AI score 6.8 | EPSS 0.0114
Exploits: 0 | References: 5 | Affected Software: 1
Github Security Blog
added 2023/11/28 6:30 p.m. | 21 views

Apache Superset Allocation of Resources Without Limits or Throttling vulnerability

An authenticated malicious user could initiate multiple concurrent requests, each requesting multiple dashboard exports, leading to a possible denial of service. This issue affects Apache Superset: before 3.0.0...

CVSS 6.5 | AI score 5.8 | EPSS 0.0114
Exploits: 0 | References: 4 | Affected Software: 1