2566 matches found
Session Fixation Vulnerability
Description It was noticed that the easyappointments application is vulnerable to Session Fixation vulnerability. The application does not generate a new easession cookie after the user authenticate successfully into the application. A malicious user is able to create a new session cookie value a...
Exploit for Improper Access Control in Joomla Joomla\!
CVE-2023-23752 Introduction Open-source, Go-based multi-conc...
Siemens SCALANCE X-200RNA Switch Devices Concurrent Execution Using Shared Resource with Improper Synchronization (CVE-2018-15473)
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. - OpenSSH through 7.7 is prone to a...
SUSE CVE-2005-2534
Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service server crash via simultaneous TCP connections from multiple clients that use the same client certificate...
SUSE CVE-2005-3510
Apache Tomcat 5.5.0 to 5.5.11 allows remote attackers to cause a denial of service CPU consumption via a large number of simultaneous requests to list a web directory that has a large number of files...
SUSE CVE-2010-0172
toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Prompt implementation in Mozilla Firefox 3.6 before 3.6.2 does not properly handle concurrent authorization requests from multiple web sites, which might allow remote web servers to spoof an authorizati...
SUSE CVE-2011-1486
libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service crash by causing multiple threads to report errors at the same time...
SUSE CVE-2016-2774
ISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service INSIST assertion failure or request-processing outage by establishing many sessions...
SUSE CVE-2016-5242
The p2mteardown function in arch/arm/p2m.c in Xen 4.4.x through 4.6.x allows local guest OS users with access to the driver domain to cause a denial of service NULL pointer dereference and host OS crash by creating concurrent domains and holding references to them, related to VMID exhaustion...
SUSE CVE-2016-8745
A bug in the error handling of the send file code for the NIO HTTP connector in Apache Tomcat 9.0.0.M1 to 9.0.0.M13, 8.5.0 to 8.5.8, 8.0.0.RC1 to 8.0.39, 7.0.0 to 7.0.73 and 6.0.16 to 6.0.48 resulted in the current Processor object being added to the Processor cache multiple times. This in turn...
SUSE CVE-2017-10913
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1...
SUSE CVE-2017-12836
CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by "-oProxyCommand=id;localhost:/bar."...
SUSE CVE-2018-10902
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc double free in sndrawmidiinputparams and sndrawmidioutputstatus which are part of sndrawmidiioctl handler in rawmidi.c file. A malicious local attacker could possibly use this f...
SUSE CVE-2018-19364
hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to for example a use-after-free outcome...
SUSE CVE-2019-17185
In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global OpenSSL BNCTX instance to handle all handshakes. This mean multiple threads use the same BNCTX instance concurrently, resulting in crashes when concurrent EAP-pwd handshakes are initiated. This can be abused by an adversary as a...
SUSE CVE-2020-13943
If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection in violation of the HTTP/2 protocol, it was possible that a subsequent request made on that connection could...
SUSE CVE-2020-15586
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time...
SUSE CVE-2020-35513
A flaw incorrect umask during file or directory modification in the Linux kernel NFS network file system functionality was found in the way user create and delete object using NFSv4.2 or newer if both simultaneously accessing the NFS by the other process that is not using new NFSv4.2. A user with...
SUSE CVE-2021-22897
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPTSSLCIPHERLIST when libcurl is built to use the Schannel TLS library. The selected cipher set was stored in a single "static" variable in the library, which has the surprising...
SUSE CVE-2022-22677
A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview in a webRTC call may be interrupted if the user answers a phone call...